From 29cd22aa2daa6a3f27a03ad1b10ba03f64e58801e192518d412e7d64bf305058 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Fri, 3 May 2024 13:55:45 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main java-1_8_0-openjdk revision 2af961609da9448853cbdd9421740a0d --- .gitattributes | 23 + 1015432.patch | 23 + JDK_1_8_0-8208602.patch | 93 + _constraints | 11 + aarch32-git.tar.xz | 3 + adlc-parser.patch | 10 + bsc1211968.patch | 15 + disable-doclint-by-default.patch | 58 + fips.patch | 1428 +++ icedtea-3.30.0.tar.xz | 3 + icedtea-3.8.0-s390.patch | 11 + java-1_8_0-openjdk-suse-desktop-files.patch | 24 + java-1_8_0-openjdk.changes | 9672 +++++++++++++++++++ java-1_8_0-openjdk.spec | 1147 +++ java-atk-wrapper-security.patch | 24 + make-jobserver-detection.patch | 13 + nss.fips.cfg.in | 6 + openjdk-git.tar.xz | 3 + ppc-zero-hotspot.patch | 22 + riscv64-zero.patch | 86 + shenandoah-git.tar.xz | 3 + tls13extensions.patch | 20 + zero-javadoc-verbose.patch | 10 + 23 files changed, 12708 insertions(+) create mode 100644 .gitattributes create mode 100644 1015432.patch create mode 100644 JDK_1_8_0-8208602.patch create mode 100644 _constraints create mode 100644 aarch32-git.tar.xz create mode 100644 adlc-parser.patch create mode 100644 bsc1211968.patch create mode 100644 disable-doclint-by-default.patch create mode 100644 fips.patch create mode 100644 icedtea-3.30.0.tar.xz create mode 100644 icedtea-3.8.0-s390.patch create mode 100644 java-1_8_0-openjdk-suse-desktop-files.patch create mode 100644 java-1_8_0-openjdk.changes create mode 100644 java-1_8_0-openjdk.spec create mode 100644 java-atk-wrapper-security.patch create mode 100644 make-jobserver-detection.patch create mode 100644 nss.fips.cfg.in create mode 100644 openjdk-git.tar.xz create mode 100644 ppc-zero-hotspot.patch create mode 100644 riscv64-zero.patch create mode 100644 shenandoah-git.tar.xz create mode 100644 tls13extensions.patch create mode 100644 zero-javadoc-verbose.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/1015432.patch b/1015432.patch new file mode 100644 index 0000000..ebaa07c --- /dev/null +++ b/1015432.patch @@ -0,0 +1,23 @@ +--- openjdk/hotspot/src/os/linux/vm/os_linux.cpp Wed Oct 23 15:44:12 2013 -0700 ++++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp Thu Dec 19 16:03:33 2013 +0000 +@@ -4797,9 +4797,19 @@ + // size. Add a page for compiler2 recursion in main thread. + // Add in 2*BytesPerWord times page size to account for VM stack during + // class initialization depending on 32 or 64 bit VM. ++ ++ + os::Linux::min_stack_allowed = MAX2(os::Linux::min_stack_allowed, + (size_t)(StackYellowPages+StackRedPages+StackShadowPages) * Linux::page_size() + +- (2*BytesPerWord COMPILER2_PRESENT(+1)) * Linux::vm_default_page_size()); ++ (2*BytesPerWord COMPILER2_PRESENT(+1)) ++ * ++#ifdef PPC ++ NOT_ZERO ( Linux::vm_default_page_size() ) ++ ZERO_ONLY ( Linux::page_size() ) ++#else ++ ( Linux::vm_default_page_size() ) ++#endif ++ ); + + size_t threadStackSizeInBytes = ThreadStackSize * K; + if (threadStackSizeInBytes != 0 && diff --git a/JDK_1_8_0-8208602.patch b/JDK_1_8_0-8208602.patch new file mode 100644 index 0000000..2c4e86b --- /dev/null +++ b/JDK_1_8_0-8208602.patch @@ -0,0 +1,93 @@ + +# HG changeset patch +# User weijun +# Date 1533101708 -28800 +# Node ID 9d92ff04a29c12a5d47f2ca4e772f7716bfdb8ff +# Parent b6e0bfe4a6ec5d8d9d9476c05627dfb47f2263e1 +8208602: Cannot read PEM X.509 cert if there is whitespace after the header or footer +Reviewed-by: xuelei + +diff -r b6e0bfe4a6ec -r 9d92ff04a29c src/java.base/share/classes/sun/security/provider/X509Factory.java +--- openjdk/jdk/src/share/classes/sun/security/provider/X509Factory.java Wed Aug 01 01:40:44 2018 -0400 ++++ openjdk/jdk/src/share/classes/sun/security/provider/X509Factory.java Wed Aug 01 13:35:08 2018 +0800 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -635,7 +635,8 @@ + if (next != '\r') footer.append((char)next); + } + +- checkHeaderFooter(header.toString(), footer.toString()); ++ checkHeaderFooter(header.toString().replaceFirst("\\s++$", ""), ++ footer.toString().replaceFirst("\\s++$", "")); + + return Pem.decode(new String(data, 0, pos)); + } +diff -r b6e0bfe4a6ec -r 9d92ff04a29c test/jdk/sun/security/provider/X509Factory/BadPem.java +--- openjdk/jdk/test/sun/security/provider/X509Factory/BadPem.java Wed Aug 01 01:40:44 2018 -0400 ++++ openjdk/jdk/test/sun/security/provider/X509Factory/BadPem.java Wed Aug 01 13:35:08 2018 +0800 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -23,14 +23,13 @@ + + /* + * @test +- * @bug 8074935 +- * @summary jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did ++ * @bug 8074935 8208602 ++ * @summary X.509 cert PEM format read + */ + + import java.io.ByteArrayOutputStream; + import java.io.FileInputStream; +-import java.io.FileOutputStream; + import java.io.PrintStream; + import java.security.KeyStore; + import java.security.cert.CertificateException; + import java.util.Arrays; +@@ -49,10 +48,12 @@ + String pass = "passphrase"; + String alias = "dummy"; + ++ CertificateFactory cf = CertificateFactory.getInstance("X.509"); + KeyStore keyStore = KeyStore.getInstance("JKS"); + keyStore.load(new FileInputStream(ks), pass.toCharArray()); + byte[] cert = keyStore.getCertificate(alias).getEncoded(); + ++ // 8074935 + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + PrintStream pout = new PrintStream(bout); + byte[] CRLF = new byte[] {'\r', '\n'}; +@@ -64,14 +65,20 @@ + } + pout.println(X509Factory.END_CERT); + +- CertificateFactory cf = CertificateFactory.getInstance("X.509"); +- + try { + cf.generateCertificate(new ByteArrayInputStream(bout.toByteArray())); + throw new Exception("Should fail"); + } catch (CertificateException e) { + // Good + } ++ ++ // 8208602 ++ bout.reset(); ++ pout.println(X509Factory.BEGIN_CERT + " "); ++ pout.println(Base64.getMimeEncoder().encodeToString(cert)); ++ pout.println(X509Factory.END_CERT + " "); ++ ++ cf.generateCertificate(new ByteArrayInputStream(bout.toByteArray())); + } + } + + diff --git a/_constraints b/_constraints new file mode 100644 index 0000000..1f99add --- /dev/null +++ b/_constraints @@ -0,0 +1,11 @@ + + + + 4096 + + + 20 + + + + diff --git a/aarch32-git.tar.xz b/aarch32-git.tar.xz new file mode 100644 index 0000000..3dab5e3 --- /dev/null +++ b/aarch32-git.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ed96507df0daede6ab358927160c7ac5a145052fea575f32097b9b03cd440f5a +size 7208892 diff --git a/adlc-parser.patch b/adlc-parser.patch new file mode 100644 index 0000000..f1b93af --- /dev/null +++ b/adlc-parser.patch @@ -0,0 +1,10 @@ +--- openjdk/hotspot/src/share/vm/adlc/formsopt.cpp 2014-07-03 21:56:12.000000000 +0200 ++++ openjdk/hotspot/src/share/vm/adlc/formsopt.cpp 2014-07-14 11:43:21.900408570 +0200 +@@ -347,6 +347,7 @@ + _return_value = NULL; + _c_return_value = NULL; + _interpreter_frame_pointer_reg = NULL; ++ _cisc_spilling_operand_name = NULL; + } + + FrameForm::~FrameForm() { diff --git a/bsc1211968.patch b/bsc1211968.patch new file mode 100644 index 0000000..853cc57 --- /dev/null +++ b/bsc1211968.patch @@ -0,0 +1,15 @@ +--- openjdk/jdk/src/share/classes/sun/security/ssl/DHKeyExchange.java 2023-11-14 07:18:11.483931806 +0100 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/DHKeyExchange.java 2023-11-14 07:20:21.018138340 +0100 +@@ -253,11 +253,7 @@ + static { + String property = GetPropertyAction.privilegedGetProperty( + "jdk.tls.ephemeralDHKeySize"); +- if (property == null || property.isEmpty()) { +- useLegacyEphemeralDHKeys = false; +- useSmartEphemeralDHKeys = false; +- customizedDHKeySize = -1; +- } else if ("matched".equals(property)) { ++ if (property == null || property.isEmpty() || "matched".equals(property)) { + useLegacyEphemeralDHKeys = false; + useSmartEphemeralDHKeys = true; + customizedDHKeySize = -1; diff --git a/disable-doclint-by-default.patch b/disable-doclint-by-default.patch new file mode 100644 index 0000000..01f18f5 --- /dev/null +++ b/disable-doclint-by-default.patch @@ -0,0 +1,58 @@ +Disable doclint by default + +OpenJDK 8 adds and enables doclint by default. This catches issues in +javadoc comments. It is too strict, breaks javadoc compilation and, in +general, breaks the build for old code known to build with previous +versions of OpenJDK. + +See: http://blog.joda.org/2014/02/turning-off-doclint-in-jdk-8-javadoc.html +See: https://lists.fedoraproject.org/pipermail/java-devel/2014-February/005150.html + +Author: Andrew John Hughes +Author: Emmanuel Bourg +--- openjdk/langtools/src/share/classes/com/sun/tools/javadoc/DocEnv.java ++++ openjdk/langtools/src/share/classes/com/sun/tools/javadoc/DocEnv.java +@@ -811,10 +811,9 @@ + doclintOpts.add(opt == null ? DocLint.XMSGS_OPTION : DocLint.XMSGS_CUSTOM_PREFIX + opt); + } + +- if (doclintOpts.isEmpty()) { +- doclintOpts.add(DocLint.XMSGS_OPTION); +- } else if (doclintOpts.size() == 1 +- && doclintOpts.get(0).equals(DocLint.XMSGS_CUSTOM_PREFIX + "none")) { ++ if (doclintOpts.isEmpty() || ++ (doclintOpts.size() == 1 ++ && doclintOpts.get(0).equals(DocLint.XMSGS_CUSTOM_PREFIX + "none"))) { + return; + } + +--- openjdk/langtools/test/tools/javadoc/doclint/DocLintTest.java ++++ openjdk/langtools/test/tools/javadoc/doclint/DocLintTest.java +@@ -130,12 +130,12 @@ + }; + + test(Collections.emptyList(), +- Main.Result.ERROR, +- EnumSet.of(Message.DL_ERR9A, Message.DL_WRN12A)); ++ Main.Result.OK, ++ EnumSet.of(Message.JD_WRN10, Message.JD_WRN13)); + + test(Arrays.asList(rawDiags), +- Main.Result.ERROR, +- EnumSet.of(Message.DL_ERR9, Message.DL_WRN12)); ++ Main.Result.OK, ++ EnumSet.of(Message.JD_WRN10, Message.JD_WRN13)); + + test(Arrays.asList("-Xdoclint:none"), + Main.Result.OK, +@@ -158,8 +158,8 @@ + EnumSet.of(Message.DL_WRN12)); + + test(Arrays.asList(rawDiags, "-private"), +- Main.Result.ERROR, +- EnumSet.of(Message.DL_ERR6, Message.DL_ERR9, Message.DL_WRN12)); ++ Main.Result.OK, ++ EnumSet.of(Message.JD_WRN10, Message.JD_WRN13)); + + test(Arrays.asList(rawDiags, "-Xdoclint:syntax", "-private"), + Main.Result.ERROR, diff --git a/fips.patch b/fips.patch new file mode 100644 index 0000000..9e7d116 --- /dev/null +++ b/fips.patch @@ -0,0 +1,1428 @@ +--- openjdk/common/autoconf/configure.ac 2022-02-08 15:00:13.864829794 +0100 ++++ openjdk/common/autoconf/configure.ac 2022-02-08 15:00:30.560949558 +0100 +@@ -212,6 +212,7 @@ + LIB_SETUP_ALSA + LIB_SETUP_FONTCONFIG + LIB_SETUP_MISC_LIBS ++LIB_SETUP_SYSCONF_LIBS + LIB_SETUP_STATIC_LINK_LIBSTDCPP + LIB_SETUP_ON_WINDOWS + +--- openjdk/common/autoconf/libraries.m4 2022-02-08 15:00:13.864829794 +0100 ++++ openjdk/common/autoconf/libraries.m4 2022-02-08 15:00:30.560949558 +0100 +@@ -1334,3 +1334,63 @@ + BASIC_DEPRECATED_ARG_WITH([dxsdk-include]) + fi + ]) ++ ++################################################################################ ++# Setup system configuration libraries ++################################################################################ ++AC_DEFUN_ONCE([LIB_SETUP_SYSCONF_LIBS], ++[ ++ ############################################################################### ++ # ++ # Check for the NSS library ++ # ++ ++ AC_MSG_CHECKING([whether to use the system NSS library with the System Configurator (libsysconf)]) ++ ++ # default is not available ++ DEFAULT_SYSCONF_NSS=no ++ ++ AC_ARG_ENABLE([sysconf-nss], [AS_HELP_STRING([--enable-sysconf-nss], ++ [build the System Configurator (libsysconf) using the system NSS library if available @<:@disabled@:>@])], ++ [ ++ case "${enableval}" in ++ yes) ++ sysconf_nss=yes ++ ;; ++ *) ++ sysconf_nss=no ++ ;; ++ esac ++ ], ++ [ ++ sysconf_nss=${DEFAULT_SYSCONF_NSS} ++ ]) ++ AC_MSG_RESULT([$sysconf_nss]) ++ ++ USE_SYSCONF_NSS=false ++ if test "x${sysconf_nss}" = "xyes"; then ++ PKG_CHECK_MODULES(NSS, nss >= 3.53, [NSS_FOUND=yes], [NSS_FOUND=no]) ++ if test "x${NSS_FOUND}" = "xyes"; then ++ AC_MSG_CHECKING([for system FIPS support in NSS]) ++ saved_libs="${LIBS}" ++ saved_cflags="${CFLAGS}" ++ CFLAGS="${CFLAGS} ${NSS_CFLAGS}" ++ LIBS="${LIBS} ${NSS_LIBS}" ++ AC_LANG_PUSH([C]) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], ++ [[SECMOD_GetSystemFIPSEnabled()]])], ++ [AC_MSG_RESULT([yes])], ++ [AC_MSG_RESULT([no]) ++ AC_MSG_ERROR([System NSS FIPS detection unavailable])]) ++ AC_LANG_POP([C]) ++ CFLAGS="${saved_cflags}" ++ LIBS="${saved_libs}" ++ USE_SYSCONF_NSS=true ++ else ++ dnl NSS 3.53 is the one that introduces the SECMOD_GetSystemFIPSEnabled API ++ dnl in nss3/pk11pub.h. ++ AC_MSG_ERROR([--enable-sysconf-nss specified, but NSS 3.53 or above not found.]) ++ fi ++ fi ++ AC_SUBST(USE_SYSCONF_NSS) ++]) +--- openjdk/common/autoconf/spec.gmk.in 2022-02-08 15:00:13.864829794 +0100 ++++ openjdk/common/autoconf/spec.gmk.in 2022-02-08 15:00:30.560949558 +0100 +@@ -313,6 +313,10 @@ + ALSA_LIBS:=@ALSA_LIBS@ + ALSA_CFLAGS:=@ALSA_CFLAGS@ + ++USE_SYSCONF_NSS:=@USE_SYSCONF_NSS@ ++NSS_LIBS:=@NSS_LIBS@ ++NSS_CFLAGS:=@NSS_CFLAGS@ ++ + PACKAGE_PATH=@PACKAGE_PATH@ + + # Source file for cacerts +--- openjdk/common/bin/compare_exceptions.sh.incl 2022-02-08 15:00:13.864829794 +0100 ++++ openjdk/common/bin/compare_exceptions.sh.incl 2022-02-08 15:00:30.560949558 +0100 +@@ -280,6 +280,7 @@ + ./jre/lib/i386/libsplashscreen.so + ./jre/lib/i386/libsunec.so + ./jre/lib/i386/libsunwjdga.so ++./jre/lib/i386/libsystemconf.so + ./jre/lib/i386/libunpack.so + ./jre/lib/i386/libverify.so + ./jre/lib/i386/libzip.so +@@ -432,6 +433,7 @@ + ./jre/lib/amd64/libsplashscreen.so + ./jre/lib/amd64/libsunec.so + ./jre/lib/amd64/libsunwjdga.so ++./jre/lib/amd64/libsystemconf.so + ./jre/lib/amd64/libunpack.so + ./jre/lib/amd64/libverify.so + ./jre/lib/amd64/libzip.so +@@ -585,6 +587,7 @@ + ./jre/lib/sparc/libsplashscreen.so + ./jre/lib/sparc/libsunec.so + ./jre/lib/sparc/libsunwjdga.so ++./jre/lib/sparc/libsystemconf.so + ./jre/lib/sparc/libunpack.so + ./jre/lib/sparc/libverify.so + ./jre/lib/sparc/libzip.so +@@ -738,6 +741,7 @@ + ./jre/lib/sparcv9/libsplashscreen.so + ./jre/lib/sparcv9/libsunec.so + ./jre/lib/sparcv9/libsunwjdga.so ++./jre/lib/sparcv9/libsystemconf.so + ./jre/lib/sparcv9/libunpack.so + ./jre/lib/sparcv9/libverify.so + ./jre/lib/sparcv9/libzip.so +--- openjdk/common/nb_native/nbproject/configurations.xml 2022-02-08 15:00:13.868829822 +0100 ++++ openjdk/common/nb_native/nbproject/configurations.xml 2022-02-08 15:00:30.564949586 +0100 +@@ -53,6 +53,9 @@ + jvmtiEnterTrace.cpp + + ++ ++ systemconf.c ++ + + + +@@ -12771,6 +12774,11 @@ + ex="false" + tool="0" + flavor2="0"> ++ ++ + + () { ++ public Void run() { ++ System.loadLibrary(SYSTEMCONF_NATIVE_LIB); ++ return null; ++ } ++ }); ++ } ++ ++ /* ++ * Invoked when java.security.Security class is initialized, if ++ * java.security.disableSystemPropertiesFile property is not set and ++ * security.useSystemPropertiesFile is true. ++ */ ++ static boolean configure(Properties props) { ++ boolean loadedProps = false; ++ ++ try (BufferedInputStream bis = ++ new BufferedInputStream( ++ new FileInputStream(CRYPTO_POLICIES_JAVA_CONFIG))) { ++ props.load(bis); ++ loadedProps = true; ++ if (sdebug != null) { ++ sdebug.println("reading system security properties file " + ++ CRYPTO_POLICIES_JAVA_CONFIG); ++ sdebug.println(props.toString()); ++ } ++ } catch (IOException e) { ++ if (sdebug != null) { ++ sdebug.println("unable to load security properties from " + ++ CRYPTO_POLICIES_JAVA_CONFIG); ++ e.printStackTrace(); ++ } ++ } ++ ++ try { ++ if (enableFips()) { ++ if (sdebug != null) { sdebug.println("FIPS mode detected"); } ++ loadedProps = false; ++ // Remove all security providers ++ Iterator> i = props.entrySet().iterator(); ++ while (i.hasNext()) { ++ Entry e = i.next(); ++ if (((String) e.getKey()).startsWith("security.provider")) { ++ if (sdebug != null) { sdebug.println("Removing provider: " + e); } ++ i.remove(); ++ } ++ } ++ // Add FIPS security providers ++ String fipsProviderValue = null; ++ for (int n = 1; ++ (fipsProviderValue = (String) props.get("fips.provider." + n)) != null; n++) { ++ String fipsProviderKey = "security.provider." + n; ++ if (sdebug != null) { ++ sdebug.println("Adding provider " + n + ": " + ++ fipsProviderKey + "=" + fipsProviderValue); ++ } ++ props.put(fipsProviderKey, fipsProviderValue); ++ } ++ // Add other security properties ++ String keystoreTypeValue = (String) props.get("fips.keystore.type"); ++ if (keystoreTypeValue != null) { ++ String nonFipsKeystoreType = props.getProperty("keystore.type"); ++ props.put("keystore.type", keystoreTypeValue); ++ if (keystoreTypeValue.equals("PKCS11")) { ++ // If keystore.type is PKCS11, javax.net.ssl.keyStore ++ // must be "NONE". See JDK-8238264. ++ System.setProperty("javax.net.ssl.keyStore", "NONE"); ++ } ++ if (System.getProperty("javax.net.ssl.trustStoreType") == null) { ++ // If no trustStoreType has been set, use the ++ // previous keystore.type under FIPS mode. In ++ // a default configuration, the Trust Store will ++ // be 'cacerts' (JKS type). ++ System.setProperty("javax.net.ssl.trustStoreType", ++ nonFipsKeystoreType); ++ } ++ if (sdebug != null) { ++ sdebug.println("FIPS mode default keystore.type = " + ++ keystoreTypeValue); ++ sdebug.println("FIPS mode javax.net.ssl.keyStore = " + ++ System.getProperty("javax.net.ssl.keyStore", "")); ++ sdebug.println("FIPS mode javax.net.ssl.trustStoreType = " + ++ System.getProperty("javax.net.ssl.trustStoreType", "")); ++ } ++ } ++ loadedProps = true; ++ systemFipsEnabled = true; ++ String plainKeySupport = System.getProperty("com.suse.fips.plainKeySupport", ++ "true"); ++ plainKeySupportEnabled = !"false".equals(plainKeySupport); ++ if (sdebug != null) { ++ if (plainKeySupportEnabled) { ++ sdebug.println("FIPS support enabled with plain key support"); ++ } else { ++ sdebug.println("FIPS support enabled without plain key support"); ++ } ++ } ++ } ++ } catch (Exception e) { ++ if (sdebug != null) { ++ sdebug.println("unable to load FIPS configuration"); ++ e.printStackTrace(); ++ } ++ } ++ return loadedProps; ++ } ++ ++ /** ++ * Returns whether or not global system FIPS alignment is enabled. ++ * ++ * Value is always 'false' before java.security.Security class is ++ * initialized. ++ * ++ * Call from out of this package through SharedSecrets: ++ * SharedSecrets.getJavaSecuritySystemConfiguratorAccess() ++ * .isSystemFipsEnabled(); ++ * ++ * @return a boolean value indicating whether or not global ++ * system FIPS alignment is enabled. ++ */ ++ static boolean isSystemFipsEnabled() { ++ return systemFipsEnabled; ++ } ++ ++ /** ++ * Returns {@code true} if system FIPS alignment is enabled ++ * and plain key support is allowed. Plain key support is ++ * enabled by default but can be disabled with ++ * {@code -Dcom.suse.fips.plainKeySupport=false}. ++ * ++ * @return a boolean indicating whether plain key support ++ * should be enabled. ++ */ ++ static boolean isPlainKeySupportEnabled() { ++ return plainKeySupportEnabled; ++ } ++ ++ /* ++ * OpenJDK FIPS mode will be enabled only if the com.suse.fips ++ * system property is true (default) and the system is in FIPS mode. ++ * ++ * There are 2 possible ways in which OpenJDK detects that the system ++ * is in FIPS mode: 1) if the NSS SECMOD_GetSystemFIPSEnabled API is ++ * available at OpenJDK's built-time, it is called; 2) otherwise, the ++ * /proc/sys/crypto/fips_enabled file is read. ++ */ ++ private static boolean enableFips() throws IOException { ++ boolean shouldEnable = Boolean.valueOf(System.getProperty("com.suse.fips", "true")); ++ if (shouldEnable) { ++ if (sdebug != null) { ++ sdebug.println("Calling getSystemFIPSEnabled (libsystemconf)..."); ++ } ++ try { ++ shouldEnable = getSystemFIPSEnabled(); ++ if (sdebug != null) { ++ sdebug.println("Call to getSystemFIPSEnabled (libsystemconf) returned: " ++ + shouldEnable); ++ } ++ return shouldEnable; ++ } catch (IOException e) { ++ if (sdebug != null) { ++ sdebug.println("Call to getSystemFIPSEnabled (libsystemconf) failed:"); ++ sdebug.println(e.getMessage()); ++ } ++ throw e; ++ } ++ } else { ++ return false; ++ } ++ } ++} +--- openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 1970-01-01 01:00:00.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 2022-02-08 15:03:03.346045505 +0100 +@@ -0,0 +1,31 @@ ++/* ++ * Copyright (c) 2020, Red Hat, Inc. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package sun.misc; ++ ++public interface JavaSecuritySystemConfiguratorAccess { ++ boolean isSystemFipsEnabled(); ++ boolean isPlainKeySupportEnabled(); ++} +--- openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2022-02-08 15:00:17.096852977 +0100 ++++ openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2022-02-08 15:00:30.568949614 +0100 +@@ -63,6 +63,7 @@ + private static JavaObjectInputStreamReadString javaObjectInputStreamReadString; + private static JavaObjectInputStreamAccess javaObjectInputStreamAccess; + private static JavaSecuritySignatureAccess javaSecuritySignatureAccess; ++ private static JavaSecuritySystemConfiguratorAccess javaSecuritySystemConfiguratorAccess; + + public static JavaUtilJarAccess javaUtilJarAccess() { + if (javaUtilJarAccess == null) { +@@ -248,4 +249,12 @@ + } + return javaxCryptoSealedObjectAccess; + } ++ ++ public static void setJavaSecuritySystemConfiguratorAccess(JavaSecuritySystemConfiguratorAccess jssca) { ++ javaSecuritySystemConfiguratorAccess = jssca; ++ } ++ ++ public static JavaSecuritySystemConfiguratorAccess getJavaSecuritySystemConfiguratorAccess() { ++ return javaSecuritySystemConfiguratorAccess; ++ } + } +--- openjdk/jdk/src/share/classes/sun/security/pkcs11/FIPSKeyImporter.java 1970-01-01 01:00:00.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/FIPSKeyImporter.java 2022-02-08 15:03:03.346045505 +0100 +@@ -0,0 +1,290 @@ ++/* ++ * Copyright (c) 2021, Red Hat, Inc. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package sun.security.pkcs11; ++ ++import java.math.BigInteger; ++import java.security.KeyFactory; ++import java.security.Provider; ++import java.security.Security; ++import java.util.HashMap; ++import java.util.Map; ++import java.util.concurrent.locks.ReentrantLock; ++ ++import javax.crypto.Cipher; ++import javax.crypto.spec.DHPrivateKeySpec; ++import javax.crypto.spec.IvParameterSpec; ++ ++import sun.security.jca.JCAUtil; ++import sun.security.pkcs11.TemplateManager; ++import sun.security.pkcs11.wrapper.CK_ATTRIBUTE; ++import sun.security.pkcs11.wrapper.CK_MECHANISM; ++import static sun.security.pkcs11.wrapper.PKCS11Constants.*; ++import sun.security.pkcs11.wrapper.PKCS11Exception; ++import sun.security.rsa.RSAUtil.KeyType; ++import sun.security.util.Debug; ++import sun.security.util.ECUtil; ++ ++final class FIPSKeyImporter { ++ ++ private static final Debug debug = ++ Debug.getInstance("sunpkcs11"); ++ ++ private static P11Key importerKey = null; ++ private static final ReentrantLock importerKeyLock = new ReentrantLock(); ++ private static CK_MECHANISM importerKeyMechanism = null; ++ private static Cipher importerCipher = null; ++ ++ private static Provider sunECProvider = null; ++ private static final ReentrantLock sunECProviderLock = new ReentrantLock(); ++ ++ private static KeyFactory DHKF = null; ++ private static final ReentrantLock DHKFLock = new ReentrantLock(); ++ ++ static Long importKey(SunPKCS11 sunPKCS11, long hSession, CK_ATTRIBUTE[] attributes) ++ throws PKCS11Exception { ++ long keyID = -1; ++ Token token = sunPKCS11.getToken(); ++ if (debug != null) { ++ debug.println("Private or Secret key will be imported in" + ++ " system FIPS mode."); ++ } ++ if (importerKey == null) { ++ importerKeyLock.lock(); ++ try { ++ if (importerKey == null) { ++ if (importerKeyMechanism == null) { ++ // Importer Key creation has not been tried yet. Try it. ++ createImporterKey(token); ++ } ++ if (importerKey == null || importerCipher == null) { ++ if (debug != null) { ++ debug.println("Importer Key could not be" + ++ " generated."); ++ } ++ throw new PKCS11Exception(CKR_GENERAL_ERROR); ++ } ++ if (debug != null) { ++ debug.println("Importer Key successfully" + ++ " generated."); ++ } ++ } ++ } finally { ++ importerKeyLock.unlock(); ++ } ++ } ++ long importerKeyID = importerKey.getKeyID(); ++ try { ++ byte[] keyBytes = null; ++ byte[] encKeyBytes = null; ++ long keyClass = 0L; ++ long keyType = 0L; ++ Map attrsMap = new HashMap<>(); ++ for (CK_ATTRIBUTE attr : attributes) { ++ if (attr.type == CKA_CLASS) { ++ keyClass = attr.getLong(); ++ } else if (attr.type == CKA_KEY_TYPE) { ++ keyType = attr.getLong(); ++ } ++ attrsMap.put(attr.type, attr); ++ } ++ BigInteger v = null; ++ if (keyClass == CKO_PRIVATE_KEY) { ++ if (keyType == CKK_RSA) { ++ if (debug != null) { ++ debug.println("Importing an RSA private key..."); ++ } ++ keyBytes = sun.security.rsa.RSAPrivateCrtKeyImpl.newKey( ++ KeyType.RSA, ++ null, ++ ((v = attrsMap.get(CKA_MODULUS).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_PUBLIC_EXPONENT).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_PRIVATE_EXPONENT).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_PRIME_1).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_PRIME_2).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_EXPONENT_1).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_EXPONENT_2).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_COEFFICIENT).getBigInteger()) != null) ++ ? v : BigInteger.ZERO ++ ).getEncoded(); ++ } else if (keyType == CKK_DSA) { ++ if (debug != null) { ++ debug.println("Importing a DSA private key..."); ++ } ++ keyBytes = new sun.security.provider.DSAPrivateKey( ++ ((v = attrsMap.get(CKA_VALUE).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_PRIME).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_SUBPRIME).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_BASE).getBigInteger()) != null) ++ ? v : BigInteger.ZERO ++ ).getEncoded(); ++ if (token.config.getNssNetscapeDbWorkaround() && ++ attrsMap.get(CKA_NETSCAPE_DB) == null) { ++ attrsMap.put(CKA_NETSCAPE_DB, ++ new CK_ATTRIBUTE(CKA_NETSCAPE_DB, BigInteger.ZERO)); ++ } ++ } else if (keyType == CKK_EC) { ++ if (debug != null) { ++ debug.println("Importing an EC private key..."); ++ } ++ if (sunECProvider == null) { ++ sunECProviderLock.lock(); ++ try { ++ if (sunECProvider == null) { ++ sunECProvider = Security.getProvider("SunEC"); ++ } ++ } finally { ++ sunECProviderLock.unlock(); ++ } ++ } ++ keyBytes = P11ECUtil.generateECPrivateKey( ++ ((v = attrsMap.get(CKA_VALUE).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ECUtil.getECParameterSpec(sunECProvider, ++ attrsMap.get(CKA_EC_PARAMS).getByteArray())) ++ .getEncoded(); ++ if (token.config.getNssNetscapeDbWorkaround() && ++ attrsMap.get(CKA_NETSCAPE_DB) == null) { ++ attrsMap.put(CKA_NETSCAPE_DB, ++ new CK_ATTRIBUTE(CKA_NETSCAPE_DB, BigInteger.ZERO)); ++ } ++ } else if (keyType == CKK_DH) { ++ if (debug != null) { ++ debug.println("Importing a Diffie-Hellman private key..."); ++ } ++ if (DHKF == null) { ++ DHKFLock.lock(); ++ try { ++ if (DHKF == null) { ++ DHKF = KeyFactory.getInstance( ++ "DH", P11Util.getSunJceProvider()); ++ } ++ } finally { ++ DHKFLock.unlock(); ++ } ++ } ++ DHPrivateKeySpec spec = new DHPrivateKeySpec ++ (((v = attrsMap.get(CKA_VALUE).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_PRIME).getBigInteger()) != null) ++ ? v : BigInteger.ZERO, ++ ((v = attrsMap.get(CKA_BASE).getBigInteger()) != null) ++ ? v : BigInteger.ZERO); ++ keyBytes = DHKF.generatePrivate(spec).getEncoded(); ++ if (token.config.getNssNetscapeDbWorkaround() && ++ attrsMap.get(CKA_NETSCAPE_DB) == null) { ++ attrsMap.put(CKA_NETSCAPE_DB, ++ new CK_ATTRIBUTE(CKA_NETSCAPE_DB, BigInteger.ZERO)); ++ } ++ } else { ++ if (debug != null) { ++ debug.println("Unrecognized private key type."); ++ } ++ throw new PKCS11Exception(CKR_GENERAL_ERROR); ++ } ++ } else if (keyClass == CKO_SECRET_KEY) { ++ if (debug != null) { ++ debug.println("Importing a secret key..."); ++ } ++ keyBytes = attrsMap.get(CKA_VALUE).getByteArray(); ++ } ++ if (keyBytes == null || keyBytes.length == 0) { ++ if (debug != null) { ++ debug.println("Private or secret key plain bytes could" + ++ " not be obtained. Import failed."); ++ } ++ throw new PKCS11Exception(CKR_GENERAL_ERROR); ++ } ++ importerCipher.init(Cipher.ENCRYPT_MODE, importerKey, ++ new IvParameterSpec((byte[])importerKeyMechanism.pParameter), ++ null); ++ attributes = new CK_ATTRIBUTE[attrsMap.size()]; ++ attrsMap.values().toArray(attributes); ++ encKeyBytes = importerCipher.doFinal(keyBytes); ++ attributes = token.getAttributes(TemplateManager.O_IMPORT, ++ keyClass, keyType, attributes); ++ keyID = token.p11.C_UnwrapKey(hSession, ++ importerKeyMechanism, importerKeyID, encKeyBytes, attributes); ++ if (debug != null) { ++ debug.println("Imported key ID: " + keyID); ++ } ++ } catch (Throwable t) { ++ throw new PKCS11Exception(CKR_GENERAL_ERROR); ++ } finally { ++ importerKey.releaseKeyID(); ++ } ++ return Long.valueOf(keyID); ++ } ++ ++ private static void createImporterKey(Token token) { ++ if (debug != null) { ++ debug.println("Generating Importer Key..."); ++ } ++ byte[] iv = new byte[16]; ++ JCAUtil.getSecureRandom().nextBytes(iv); ++ importerKeyMechanism = new CK_MECHANISM(CKM_AES_CBC_PAD, iv); ++ try { ++ CK_ATTRIBUTE[] attributes = token.getAttributes(TemplateManager.O_GENERATE, ++ CKO_SECRET_KEY, CKK_AES, new CK_ATTRIBUTE[] { ++ new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY), ++ new CK_ATTRIBUTE(CKA_VALUE_LEN, 256 >> 3)}); ++ Session s = null; ++ try { ++ s = token.getObjSession(); ++ long keyID = token.p11.C_GenerateKey( ++ s.id(), new CK_MECHANISM(CKM_AES_KEY_GEN), ++ attributes); ++ if (debug != null) { ++ debug.println("Importer Key ID: " + keyID); ++ } ++ importerKey = (P11Key)P11Key.secretKey(s, keyID, "AES", ++ 256 >> 3, null); ++ } catch (PKCS11Exception e) { ++ // best effort ++ } finally { ++ token.releaseSession(s); ++ } ++ if (importerKey != null) { ++ importerCipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); ++ } ++ } catch (Throwable t) { ++ // best effort ++ importerKey = null; ++ importerCipher = null; ++ // importerKeyMechanism value is kept initialized to indicate that ++ // Importer Key creation has been tried and failed. ++ } ++ } ++} +--- openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2022-02-08 15:00:17.144853321 +0100 ++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2022-02-08 15:03:03.350045534 +0100 +@@ -26,6 +26,9 @@ + package sun.security.pkcs11; + + import java.io.*; ++import java.lang.invoke.MethodHandle; ++import java.lang.invoke.MethodHandles; ++import java.lang.invoke.MethodType; + import java.util.*; + + import java.security.*; +@@ -42,6 +45,8 @@ + import javax.security.auth.callback.PasswordCallback; + import javax.security.auth.callback.TextOutputCallback; + ++import sun.misc.SharedSecrets; ++ + import sun.security.util.Debug; + import sun.security.util.ResourcesMgr; + +@@ -58,6 +63,29 @@ + */ + public final class SunPKCS11 extends AuthProvider { + ++ private static final boolean systemFipsEnabled = SharedSecrets ++ .getJavaSecuritySystemConfiguratorAccess().isSystemFipsEnabled(); ++ ++ private static final boolean plainKeySupportEnabled = SharedSecrets ++ .getJavaSecuritySystemConfiguratorAccess().isPlainKeySupportEnabled(); ++ ++ private static final MethodHandle fipsImportKey; ++ static { ++ MethodHandle fipsImportKeyTmp = null; ++ if (plainKeySupportEnabled) { ++ try { ++ fipsImportKeyTmp = MethodHandles.lookup().findStatic( ++ FIPSKeyImporter.class, "importKey", ++ MethodType.methodType(Long.class, SunPKCS11.class, ++ long.class, CK_ATTRIBUTE[].class)); ++ } catch (Throwable t) { ++ throw new SecurityException("FIPS key importer initialization" + ++ " failed", t); ++ } ++ } ++ fipsImportKey = fipsImportKeyTmp; ++ } ++ + private static final long serialVersionUID = -1354835039035306505L; + + static final Debug debug = Debug.getInstance("sunpkcs11"); +@@ -320,10 +348,15 @@ + // request multithreaded access first + initArgs.flags = CKF_OS_LOCKING_OK; + PKCS11 tmpPKCS11; ++ MethodHandle fipsKeyImporter = null; ++ if (plainKeySupportEnabled) { ++ fipsKeyImporter = MethodHandles.insertArguments( ++ fipsImportKey, 0, this); ++ } + try { + tmpPKCS11 = PKCS11.getInstance( + library, functionList, initArgs, +- config.getOmitInitialize()); ++ config.getOmitInitialize(), fipsKeyImporter); + } catch (PKCS11Exception e) { + if (debug != null) { + debug.println("Multi-threaded initialization failed: " + e); +@@ -339,7 +372,7 @@ + initArgs.flags = 0; + } + tmpPKCS11 = PKCS11.getInstance(library, +- functionList, initArgs, config.getOmitInitialize()); ++ functionList, initArgs, config.getOmitInitialize(), fipsKeyImporter); + } + p11 = tmpPKCS11; + +@@ -379,6 +412,24 @@ + if (nssModule != null) { + nssModule.setProvider(this); + } ++ if (systemFipsEnabled) { ++ // The NSS Software Token in FIPS 140-2 mode requires a user ++ // login for most operations. See sftk_fipsCheck. The NSS DB ++ // (/etc/pki/nssdb) PIN is empty. ++ Session session = null; ++ try { ++ session = token.getOpSession(); ++ p11.C_Login(session.id(), CKU_USER, new char[] {}); ++ } catch (PKCS11Exception p11e) { ++ if (debug != null) { ++ debug.println("Error during token login: " + ++ p11e.getMessage()); ++ } ++ throw p11e; ++ } finally { ++ token.releaseSession(session); ++ } ++ } + } catch (Exception e) { + if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) { + throw new UnsupportedOperationException +--- openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2022-02-08 15:00:17.148853350 +0100 ++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2022-02-08 15:03:03.350045534 +0100 +@@ -49,6 +49,7 @@ + + import java.io.File; + import java.io.IOException; ++import java.lang.invoke.MethodHandle; + import java.util.*; + + import java.security.AccessController; +@@ -147,17 +148,29 @@ + + public static synchronized PKCS11 getInstance(String pkcs11ModulePath, + String functionList, CK_C_INITIALIZE_ARGS pInitArgs, +- boolean omitInitialize) throws IOException, PKCS11Exception { ++ boolean omitInitialize, MethodHandle fipsKeyImporter) ++ throws IOException, PKCS11Exception { + // we may only call C_Initialize once per native .so/.dll + // so keep a cache using the (non-canonicalized!) path + PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath); + if (pkcs11 == null) { ++ boolean nssFipsMode = fipsKeyImporter != null; + if ((pInitArgs != null) + && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) { ++ if (nssFipsMode) { ++ pkcs11 = new FIPSPKCS11(pkcs11ModulePath, functionList, ++ fipsKeyImporter); ++ } else { + pkcs11 = new PKCS11(pkcs11ModulePath, functionList); ++ } ++ } else { ++ if (nssFipsMode) { ++ pkcs11 = new SynchronizedFIPSPKCS11(pkcs11ModulePath, ++ functionList, fipsKeyImporter); + } else { + pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList); + } ++ } + if (omitInitialize == false) { + try { + pkcs11.C_Initialize(pInitArgs); +@@ -1905,4 +1918,69 @@ + super.C_GenerateRandom(hSession, randomData); + } + } ++ ++// PKCS11 subclass that allows using plain private or secret keys in ++// FIPS-configured NSS Software Tokens. Only used when System FIPS ++// is enabled. ++static class FIPSPKCS11 extends PKCS11 { ++ private MethodHandle fipsKeyImporter; ++ FIPSPKCS11(String pkcs11ModulePath, String functionListName, ++ MethodHandle fipsKeyImporter) throws IOException { ++ super(pkcs11ModulePath, functionListName); ++ this.fipsKeyImporter = fipsKeyImporter; ++ } ++ ++ public synchronized long C_CreateObject(long hSession, ++ CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { ++ // Creating sensitive key objects from plain key material in a ++ // FIPS-configured NSS Software Token is not allowed. We apply ++ // a key-unwrapping scheme to achieve so. ++ if (FIPSPKCS11Helper.isSensitiveObject(pTemplate)) { ++ try { ++ return ((Long)fipsKeyImporter.invoke(hSession, pTemplate)) ++ .longValue(); ++ } catch (Throwable t) { ++ throw new PKCS11Exception(CKR_GENERAL_ERROR); ++ } ++ } ++ return super.C_CreateObject(hSession, pTemplate); ++ } ++} ++ ++// FIPSPKCS11 synchronized counterpart. ++static class SynchronizedFIPSPKCS11 extends SynchronizedPKCS11 { ++ private MethodHandle fipsKeyImporter; ++ SynchronizedFIPSPKCS11(String pkcs11ModulePath, String functionListName, ++ MethodHandle fipsKeyImporter) throws IOException { ++ super(pkcs11ModulePath, functionListName); ++ this.fipsKeyImporter = fipsKeyImporter; ++ } ++ ++ public synchronized long C_CreateObject(long hSession, ++ CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { ++ // See FIPSPKCS11::C_CreateObject. ++ if (FIPSPKCS11Helper.isSensitiveObject(pTemplate)) { ++ try { ++ return ((Long)fipsKeyImporter.invoke(hSession, pTemplate)) ++ .longValue(); ++ } catch (Throwable t) { ++ throw new PKCS11Exception(CKR_GENERAL_ERROR); ++ } ++ } ++ return super.C_CreateObject(hSession, pTemplate); ++ } ++} ++ ++private static class FIPSPKCS11Helper { ++ static boolean isSensitiveObject(CK_ATTRIBUTE[] pTemplate) { ++ for (CK_ATTRIBUTE attr : pTemplate) { ++ if (attr.type == CKA_CLASS && ++ (attr.getLong() == CKO_PRIVATE_KEY || ++ attr.getLong() == CKO_SECRET_KEY)) { ++ return true; ++ } ++ } ++ return false; ++ } ++} + } +--- openjdk/jdk/src/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java 2022-02-08 15:00:17.152853378 +0100 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java 2022-02-08 15:03:03.350045534 +0100 +@@ -33,8 +33,13 @@ + + import javax.net.ssl.*; + ++import sun.misc.SharedSecrets; ++ + abstract class KeyManagerFactoryImpl extends KeyManagerFactorySpi { + ++ private static final boolean plainKeySupportEnabled = SharedSecrets ++ .getJavaSecuritySystemConfiguratorAccess().isPlainKeySupportEnabled(); ++ + X509ExtendedKeyManager keyManager; + boolean isInitialized; + +@@ -62,7 +67,8 @@ + KeyStoreException, NoSuchAlgorithmException, + UnrecoverableKeyException { + if ((ks != null) && SunJSSE.isFIPS()) { +- if (ks.getProvider() != SunJSSE.cryptoProvider) { ++ if (ks.getProvider() != SunJSSE.cryptoProvider && ++ !plainKeySupportEnabled) { + throw new KeyStoreException("FIPS mode: KeyStore must be " + + "from provider " + SunJSSE.cryptoProvider.getName()); + } +@@ -91,8 +97,8 @@ + keyManager = new X509KeyManagerImpl( + Collections.emptyList()); + } else { +- if (SunJSSE.isFIPS() && +- (ks.getProvider() != SunJSSE.cryptoProvider)) { ++ if (SunJSSE.isFIPS() && (ks.getProvider() != SunJSSE.cryptoProvider) ++ && !plainKeySupportEnabled) { + throw new KeyStoreException( + "FIPS mode: KeyStore must be " + + "from provider " + SunJSSE.cryptoProvider.getName()); +--- openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2022-02-08 15:00:17.152853378 +0100 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2022-02-08 15:00:30.568949614 +0100 +@@ -31,6 +31,7 @@ + import java.security.cert.*; + import java.util.*; + import javax.net.ssl.*; ++import sun.misc.SharedSecrets; + import sun.security.action.GetPropertyAction; + import sun.security.provider.certpath.AlgorithmChecker; + import sun.security.validator.Validator; +@@ -539,6 +540,23 @@ + + static { + if (SunJSSE.isFIPS()) { ++ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess() ++ .isSystemFipsEnabled()) { ++ // RH1860986: TLSv1.3 key derivation not supported with ++ // the Security Providers available in system FIPS mode. ++ supportedProtocols = Arrays.asList( ++ ProtocolVersion.TLS12, ++ ProtocolVersion.TLS11, ++ ProtocolVersion.TLS10 ++ ); ++ ++ serverDefaultProtocols = getAvailableProtocols( ++ new ProtocolVersion[] { ++ ProtocolVersion.TLS12, ++ ProtocolVersion.TLS11, ++ ProtocolVersion.TLS10 ++ }); ++ } else { + supportedProtocols = Arrays.asList( + ProtocolVersion.TLS13, + ProtocolVersion.TLS12, +@@ -553,6 +571,7 @@ + ProtocolVersion.TLS11, + ProtocolVersion.TLS10 + }); ++ } + } else { + supportedProtocols = Arrays.asList( + ProtocolVersion.TLS13, +@@ -612,6 +631,16 @@ + + static ProtocolVersion[] getSupportedProtocols() { + if (SunJSSE.isFIPS()) { ++ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess() ++ .isSystemFipsEnabled()) { ++ // RH1860986: TLSv1.3 key derivation not supported with ++ // the Security Providers available in system FIPS mode. ++ return new ProtocolVersion[] { ++ ProtocolVersion.TLS12, ++ ProtocolVersion.TLS11, ++ ProtocolVersion.TLS10 ++ }; ++ } + return new ProtocolVersion[] { + ProtocolVersion.TLS13, + ProtocolVersion.TLS12, +@@ -939,6 +968,16 @@ + + static ProtocolVersion[] getProtocols() { + if (SunJSSE.isFIPS()) { ++ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess() ++ .isSystemFipsEnabled()) { ++ // RH1860986: TLSv1.3 key derivation not supported with ++ // the Security Providers available in system FIPS mode. ++ return new ProtocolVersion[] { ++ ProtocolVersion.TLS12, ++ ProtocolVersion.TLS11, ++ ProtocolVersion.TLS10 ++ }; ++ } + return new ProtocolVersion[]{ + ProtocolVersion.TLS12, + ProtocolVersion.TLS11, +--- openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2022-02-08 15:00:17.156853408 +0100 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2022-02-08 15:00:30.568949614 +0100 +@@ -30,6 +30,8 @@ + + import java.security.*; + ++import sun.misc.SharedSecrets; ++ + /** + * The JSSE provider. + * +@@ -215,8 +217,13 @@ + "sun.security.ssl.SSLContextImpl$TLS11Context"); + put("SSLContext.TLSv1.2", + "sun.security.ssl.SSLContextImpl$TLS12Context"); ++ if (!SharedSecrets.getJavaSecuritySystemConfiguratorAccess() ++ .isSystemFipsEnabled()) { ++ // RH1860986: TLSv1.3 key derivation not supported with ++ // the Security Providers available in system FIPS mode. + put("SSLContext.TLSv1.3", + "sun.security.ssl.SSLContextImpl$TLS13Context"); ++ } + put("SSLContext.TLS", + "sun.security.ssl.SSLContextImpl$TLSContext"); + if (isfips == false) { +--- openjdk/jdk/src/share/lib/security/java.security-linux 2022-02-08 15:00:17.300854441 +0100 ++++ openjdk/jdk/src/share/lib/security/java.security-linux 2022-02-08 15:00:30.568949614 +0100 +@@ -80,6 +80,14 @@ + #security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg + + # ++# Security providers used when global crypto-policies are set to FIPS. ++# ++fips.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.fips.cfg ++fips.provider.2=sun.security.provider.Sun ++fips.provider.3=sun.security.ec.SunEC ++fips.provider.4=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-NSS-FIPS ++ ++# + # Sun Provider SecureRandom seed source. + # + # Select the primary source of seed data for the "SHA1PRNG" and +@@ -175,6 +183,11 @@ + keystore.type=jks + + # ++# Default keystore type used when global crypto-policies are set to FIPS. ++# ++fips.keystore.type=PKCS11 ++ ++# + # Controls compatibility mode for the JKS keystore type. + # + # When set to 'true', the JKS keystore type supports loading +--- openjdk/jdk/src/solaris/native/java/security/systemconf.c 1970-01-01 01:00:00.000000000 +0100 ++++ openjdk/jdk/src/solaris/native/java/security/systemconf.c 2022-02-08 15:00:30.568949614 +0100 +@@ -0,0 +1,170 @@ ++/* ++ * Copyright (c) 2021, Red Hat, Inc. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++#include ++#include ++#include ++#include ++ ++#ifdef SYSCONF_NSS ++#include ++#endif //SYSCONF_NSS ++ ++#include "java_security_SystemConfigurator.h" ++ ++#define FIPS_ENABLED_PATH "/proc/sys/crypto/fips_enabled" ++#define MSG_MAX_SIZE 96 ++ ++static jmethodID debugPrintlnMethodID = NULL; ++static jobject debugObj = NULL; ++ ++static void throwIOException(JNIEnv *env, const char *msg); ++static void dbgPrint(JNIEnv *env, const char* msg); ++ ++/* ++ * Class: java_security_SystemConfigurator ++ * Method: JNI_OnLoad ++ */ ++JNIEXPORT jint JNICALL DEF_JNI_OnLoad(JavaVM *vm, void *reserved) ++{ ++ JNIEnv *env; ++ jclass sysConfCls, debugCls; ++ jfieldID sdebugFld; ++ ++ if ((*vm)->GetEnv(vm, (void**) &env, JNI_VERSION_1_2) != JNI_OK) { ++ return JNI_EVERSION; /* JNI version not supported */ ++ } ++ ++ sysConfCls = (*env)->FindClass(env,"java/security/SystemConfigurator"); ++ if (sysConfCls == NULL) { ++ printf("libsystemconf: SystemConfigurator class not found\n"); ++ return JNI_ERR; ++ } ++ sdebugFld = (*env)->GetStaticFieldID(env, sysConfCls, ++ "sdebug", "Lsun/security/util/Debug;"); ++ if (sdebugFld == NULL) { ++ printf("libsystemconf: SystemConfigurator::sdebug field not found\n"); ++ return JNI_ERR; ++ } ++ debugObj = (*env)->GetStaticObjectField(env, sysConfCls, sdebugFld); ++ if (debugObj != NULL) { ++ debugCls = (*env)->FindClass(env,"sun/security/util/Debug"); ++ if (debugCls == NULL) { ++ printf("libsystemconf: Debug class not found\n"); ++ return JNI_ERR; ++ } ++ debugPrintlnMethodID = (*env)->GetMethodID(env, debugCls, ++ "println", "(Ljava/lang/String;)V"); ++ if (debugPrintlnMethodID == NULL) { ++ printf("libsystemconf: Debug::println(String) method not found\n"); ++ return JNI_ERR; ++ } ++ debugObj = (*env)->NewGlobalRef(env, debugObj); ++ } ++ ++ return (*env)->GetVersion(env); ++} ++ ++/* ++ * Class: java_security_SystemConfigurator ++ * Method: JNI_OnUnload ++ */ ++JNIEXPORT void JNICALL DEF_JNI_OnUnload(JavaVM *vm, void *reserved) ++{ ++ JNIEnv *env; ++ ++ if (debugObj != NULL) { ++ if ((*vm)->GetEnv(vm, (void**) &env, JNI_VERSION_1_2) != JNI_OK) { ++ return; /* Should not happen */ ++ } ++ (*env)->DeleteGlobalRef(env, debugObj); ++ } ++} ++ ++JNIEXPORT jboolean JNICALL Java_java_security_SystemConfigurator_getSystemFIPSEnabled ++ (JNIEnv *env, jclass cls) ++{ ++ int fips_enabled; ++ char msg[MSG_MAX_SIZE]; ++ int msg_bytes; ++ ++#ifdef SYSCONF_NSS ++ ++ dbgPrint(env, "getSystemFIPSEnabled: calling SECMOD_GetSystemFIPSEnabled"); ++ fips_enabled = SECMOD_GetSystemFIPSEnabled(); ++ msg_bytes = snprintf(msg, MSG_MAX_SIZE, "getSystemFIPSEnabled:" \ ++ " SECMOD_GetSystemFIPSEnabled returned 0x%x", fips_enabled); ++ if (msg_bytes > 0 && msg_bytes < MSG_MAX_SIZE) { ++ dbgPrint(env, msg); ++ } else { ++ dbgPrint(env, "getSystemFIPSEnabled: cannot render" \ ++ " SECMOD_GetSystemFIPSEnabled return value"); ++ } ++ return (fips_enabled == 1 ? JNI_TRUE : JNI_FALSE); ++ ++#else // SYSCONF_NSS ++ ++ FILE *fe; ++ ++ dbgPrint(env, "getSystemFIPSEnabled: reading " FIPS_ENABLED_PATH); ++ if ((fe = fopen(FIPS_ENABLED_PATH, "r")) == NULL) { ++ throwIOException(env, "Cannot open " FIPS_ENABLED_PATH); ++ return JNI_FALSE; ++ } ++ fips_enabled = fgetc(fe); ++ fclose(fe); ++ if (fips_enabled == EOF) { ++ throwIOException(env, "Cannot read " FIPS_ENABLED_PATH); ++ return JNI_FALSE; ++ } ++ msg_bytes = snprintf(msg, MSG_MAX_SIZE, "getSystemFIPSEnabled:" \ ++ " read character is '%c'", fips_enabled); ++ if (msg_bytes > 0 && msg_bytes < MSG_MAX_SIZE) { ++ dbgPrint(env, msg); ++ } else { ++ dbgPrint(env, "getSystemFIPSEnabled: cannot render" \ ++ " read character"); ++ } ++ return (fips_enabled == '1' ? JNI_TRUE : JNI_FALSE); ++ ++#endif // SYSCONF_NSS ++} ++ ++static void throwIOException(JNIEnv *env, const char *msg) ++{ ++ jclass cls = (*env)->FindClass(env, "java/io/IOException"); ++ if (cls != 0) ++ (*env)->ThrowNew(env, cls, msg); ++} ++ ++static void dbgPrint(JNIEnv *env, const char* msg) ++{ ++ jstring jMsg; ++ if (debugObj != NULL) { ++ jMsg = (*env)->NewStringUTF(env, msg); ++ CHECK_NULL(jMsg); ++ (*env)->CallVoidMethod(env, debugObj, debugPrintlnMethodID, jMsg); ++ } ++} diff --git a/icedtea-3.30.0.tar.xz b/icedtea-3.30.0.tar.xz new file mode 100644 index 0000000..9f02f79 --- /dev/null +++ b/icedtea-3.30.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:600beb80f1c5a6dc6c6a8ed88a068a2c6d3777e225f6c97fcb812b9a35094940 +size 1573116 diff --git a/icedtea-3.8.0-s390.patch b/icedtea-3.8.0-s390.patch new file mode 100644 index 0000000..6c088df --- /dev/null +++ b/icedtea-3.8.0-s390.patch @@ -0,0 +1,11 @@ +--- icedtea-3.8.0/javac.in 2018-05-29 18:11:09.984573705 +0200 ++++ icedtea-3.8.0/javac.in 2018-09-21 15:08:36.603644127 +0200 +@@ -22,7 +22,7 @@ + unless grep {$_ eq '-bootclasspath'} @ARGV; + my @ecj_parms = ($ECJ_WARNINGS, @bcoption); + my @javac_parms = ($JAVAC_WARNINGS, '-Xprefer:source', +- '-XDignore.symbol.file=true', '-J-Xmx1024m'); ++ '-XDignore.symbol.file=true', '-J-Xmx786m'); + + # Work around ecj's inability to handle duplicate command-line + # options and unknown javac options. diff --git a/java-1_8_0-openjdk-suse-desktop-files.patch b/java-1_8_0-openjdk-suse-desktop-files.patch new file mode 100644 index 0000000..c87f045 --- /dev/null +++ b/java-1_8_0-openjdk-suse-desktop-files.patch @@ -0,0 +1,24 @@ +--- icedtea-3.0.1/jconsole.desktop.in 2016-04-24 08:37:01.989304092 +0200 ++++ icedtea-3.0.1/jconsole.desktop.in 2016-04-27 09:46:17.592085490 +0200 +@@ -1,5 +1,6 @@ + [Desktop Entry] + Name=OpenJDK @JAVA_VER@ for @target_cpu@ Monitoring & Management Console (@OPENJDK_VER@) ++GenericName=OpenJDK @JAVA_VER@ Policy Tool + Comment=Monitor and manage OpenJDK applications + Exec=_SDKBINDIR_/jconsole + Icon=java-@JAVA_VER@-@JAVA_VENDOR@ +--- icedtea-3.0.1/policytool.desktop.in 2016-04-24 08:37:02.001303877 +0200 ++++ icedtea-3.0.1/policytool.desktop.in 2016-04-27 09:45:32.061111551 +0200 +@@ -1,10 +1,11 @@ + [Desktop Entry] + Name=OpenJDK @JAVA_VER@ for @target_cpu@ Policy Tool (@OPENJDK_VER@) ++GenericName=OpenJDK @JAVA_VER@ Policy Tool + Comment=Manage OpenJDK policy files + Exec=_JREBINDIR_/policytool + Icon=java-@JAVA_VER@-@JAVA_VENDOR@ + Terminal=false + Type=Application + StartupWMClass=sun-security-tools-PolicyTool +-Categories=Settings;Java; ++Categories=System;DesktopSettings;Security; + Version=1.0 diff --git a/java-1_8_0-openjdk.changes b/java-1_8_0-openjdk.changes new file mode 100644 index 0000000..7a3fac4 --- /dev/null +++ b/java-1_8_0-openjdk.changes @@ -0,0 +1,9672 @@ +------------------------------------------------------------------- +Tue Feb 6 12:10:43 UTC 2024 - Fridrich Strba + +- Update to version jdk8u402 (icedtea-3.30.0) + * Security fixes + + JDK-8308204: Enhanced certificate processing + + JDK-8314284, CVE-2024-20926, bsc#1218906: Enhance Nashorn + performance + + JDK-8314295, CVE-2024-20919, bsc#1218903: Enhance + verification of verifier + + JDK-8314307, CVE-2024-20921, bsc#1218905: Improve loop + handling + + JDK-8314468, CVE-2024-20918, bsc#1218907: Improve Compiler + loops + + JDK-8316976, CVE-2024-20945, bsc#1218909: Improve signature + handling + + JDK-8317547, CVE-2024-20952, bsc#1218911: Enhance TLS + connection support + * Import of OpenJDK 8 u402 build 06 + + JDK-6528710: sRGB-ColorSpace to sRGB-ColorSpace Conversion + + JDK-8029995: accept yes/no for boolean krb5.conf settings + + JDK-8159156: [TESTBUG] ReserveMemory test is not useful on + Aix. + + JDK-8176509: Use pandoc for converting build readme to html + + JDK-8206179: com/sun/management/OperatingSystemMXBean/ + /GetCommittedVirtualMemorySize.java fails with Committed + virtual memory size illegal value + + JDK-8207404: MulticastSocket tests failing on AIX + + JDK-8212677: X11 default visual support for IM status window + on VNC + + JDK-8239365: ProcessBuilder test modifications for AIX + execution + + JDK-8271838: AmazonCA.java interop test fails + + JDK-8285398: Cache the results of constraint checks + + JDK-8285696: AlgorithmConstraints:permits not throwing + IllegalArgumentException when 'alg' is null + + JDK-8302017: Allocate BadPaddingException only if it will be + thrown + + JDK-8305329: [8u] Unify test libraries into single test + library - step 1 + + JDK-8307837: [8u] Check step in GHA should also print errors + + JDK-8309088: security/infra/java/security/cert/ + /CertPathValidator/certification/AmazonCA.java fails + + JDK-8311813: C1: Uninitialized PhiResolver::_loop field + + JDK-8312489: Increase jdk.jar.maxSignatureFileSize default + which is too low for JARs such as WhiteSource/Mend unified agent jar + + JDK-8312535: MidiSystem.getSoundbank() throws unexpected + SecurityException + + JDK-8315280: Bump update version of OpenJDK: 8u402 + + JDK-8315506: C99 compatibility issue in LinuxNativeDispatcher + + JDK-8317291: Missing null check for + nmethod::is_native_method() + + JDK-8317373: Add Telia Root CA v2 + + JDK-8317374: Add Let's Encrypt ISRG Root X2 + + JDK-8318759: Add four DigiCert root certificates + + JDK-8319187: Add three eMudhra emSign roots + + JDK-8319405: [s390] [jdk8] Increase javac default stack size + for s390x zero + + JDK-8320597: RSA signature verification fails on signed data + that does not encode params correctly + * Bug fixes + + JDK-8324184: Windows VS2010 build failed with "error C2275: + 'int64_t'" + +------------------------------------------------------------------- +Tue Nov 14 06:00:16 UTC 2023 - Fridrich Strba + +- Update to version jdk8u392 (icedtea-3.29.0) + * October 2023 CPU + * CVEs + + CVE-2023-22067, bsc#1216379 + + CVE-2023-22081, bsc#1216374 + * Security fixes + + JDK-8286503, JDK-8312367: Enhance security classes + + JDK-8297856: Improve handling of Bidi characters + + JDK-8303384: Improved communication in CORBA + + JDK-8305815, JDK-8307278: Update Libpng to 1.6.39 + + JDK-8309966: Enhanced TLS connections + * Import of OpenJDK 8 u392 build 08 + + JDK-6722928: Provide a default native GSS-API library on + Windows + + JDK-8040887: [TESTBUG] Remove + test/runtime/6925573/SortMethodsTest.java + + JDK-8042726: [TESTBUG] TEST.groups file was not updated after + runtime/6925573/SortMethodsTest.java removal + + JDK-8139348: Deprecate 3DES and RC4 in Kerberos + + JDK-8173072: zipfs fails to handle incorrect info-zip + "extended timestamp extra field" + + JDK-8200468: Port the native GSS-API bridge to Windows + + JDK-8202952: C2: Unexpected dead nodes after matching + + JDK-8205399: Set node color on pinned HashMap.TreeNode + deletion + + JDK-8209115: adjust libsplashscreen linux ppc64le builds for + easier libpng update + + JDK-8214046: [macosx] Undecorated Frame does not Iconify when + set to + + JDK-8219804: java/net/MulticastSocket/Promiscuous.java fails + intermittently due to NumberFormatException + + JDK-8225687: Newly added sspi.cpp in JDK-6722928 still + contains some small errors + + JDK-8232225: Rework the fix for JDK-8071483 + + JDK-8242330: Arrays should be cloned in several JAAS Callback + classes + + JDK-8253269: The CheckCommonColors test should provide more + info on failure + + JDK-8283441: C2: segmentation fault in + ciMethodBlocks::make_block_at(int) + + JDK-8284910: Buffer clean in PasswordCallback + + JDK-8287073: NPE from CgroupV2Subsystem.getInstance() + + JDK-8287663: Add a regression test for JDK-8287073 + + JDK-8295685: Update Libpng to 1.6.38 + + JDK-8295894: Remove SECOM certificate that is expiring in + September 2023 + + JDK-8308788: [8u] Remove duplicate HaricaCA.java test + + JDK-8309122: Bump update version of OpenJDK: 8u392 + + JDK-8309143: [8u] fix archiving inconsistencies in GHA + + JDK-8310026: [8u] make java_lang_String::hash_code consistent + across platforms + + JDK-8314960: Add Certigna Root CA - 2 + + JDK-8315135: Memory leak in the native implementation of + Pack200.Unpacker.unpack() + + JDK-8317040: Exclude cleaner test failing on older releases +- Added patch: + * bsc1211968.patch + + fix bsc#1211968: SLES12SP5 vulnerable to CVE-2015-4000 + (Logjam)? + +------------------------------------------------------------------- +Mon Jul 31 05:52:03 UTC 2023 - Fridrich Strba + +- Update to version jdk8u382 (icedtea-3.28.0) + * July 2023 CPU + * CVEs + + CVE-2023-22045, bsc#1213481 + + CVE-2023-22049, bsc#1213482 + * Security fixes + + JDK-8298676: Enhanced Look and Feel + + JDK-8300596: Enhance Jar Signature validation + + JDK-8304468: Better array usages + + JDK-8305312: Enhanced path handling + * Import of OpenJDK 8 u382 build 05 + + JDK-8072678: Wrong exception messages in + java.awt.color.ICC_ColorSpace + + JDK-8151460: Metaspace counters can have inconsistent values + + JDK-8152432: Implement setting jtreg @requires properties + vm.flavor, vm.bits, vm.compMode + + JDK-8185736: missing default exception handler in calls to + rethrow_Stub + + JDK-8186801: Add regression test to test mapping based + charsets (generated at build time) + + JDK-8215105: java/awt/Robot/HiDPIScreenCapture/ + /ScreenCaptureTest.java: Wrong Pixel Color + + JDK-8241311: Move some charset mapping tests from closed to + open + + JDK-8263059: security/infra/java/security/cert/ + /CertPathValidator/certification/ComodoCA.java fails due to + revoked cert + + JDK-8268558: [TESTBUG] Case 2 in + TestP11KeyFactoryGetRSAKeySpec is skipped + + JDK-8271199: Mutual TLS handshake fails signing client + certificate with custom sensitive PKCS11 key + + JDK-8276841: Add support for Visual Studio 2022 + + JDK-8277881: Missing SessionID in TLS1.3 resumption in + compatibility mode + + JDK-8278851: Correct signer logic for jars signed with + multiple digest algorithms + + JDK-8282345: handle latest VS2022 in abstract_vm_version + + JDK-8282600: SSLSocketImpl should not use user_canceled + workaround when not necessary + + JDK-8285515: (dc) DatagramChannel.disconnect fails with + "Invalid argument" on macOS 12.4 + + JDK-8289301: P11Cipher should not throw out of bounds + exception during padding + + JDK-8293232: Fix race condition in pkcs11 SessionManager + + JDK-8293815: P11PSSSignature.engineUpdate should not print + debug messages during normal operation + + JDK-8295530: Update Zlib Data Compression Library to Version + 1.2.13 + + JDK-8298108: Add a regression test for JDK-8297684 + + JDK-8298271: java/security/SignedJar/spi-calendar-provider/ + /TestSPISigned.java failing on Windows + + JDK-8301119: Support for GB18030-2022 + + JDK-8301400: Allow additional characters for GB18030-2022 + support + + JDK-8302791: Add specific ClassLoader object to Proxy + IllegalArgumentException message + + JDK-8303028: Update system property for Java SE specification + maintenance version + + JDK-8303462: Bump update version of OpenJDK: 8u382 + + JDK-8304760: Add 2 Microsoft TLS roots + + JDK-8305165: [8u] ServiceThread::nmethods_do is not called to + keep nmethods from being zombied while in the queue + + JDK-8305681: Allow additional characters for GB18030-2022 + (Level 2) support + + JDK-8305975: Add TWCA Global Root CA + + JDK-8307134: Add GTS root CAs + + JDK-8307310: Backport the tests for JDK-8058969 and + JDK-8039271 to the OpenJDK8 + + JDK-8307531: [aarch64] JDK8 single-step debugging is + extremely slow + + JDK-8310947: gb18030-2000 not selectable with + LANG=zh_CN.GB18030 after JDK-8301119 + +------------------------------------------------------------------- +Wed May 3 13:31:26 UTC 2023 - Fridrich Strba + +- Update to version jdk8u372 (icedtea-3.27.0) + * April 2023 CPU + * CVEs + + CVE-2023-21930, bsc#1210628 + + CVE-2023-21937, bsc#1210631 + + CVE-2023-21938, bsc#1210632 + + CVE-2023-21939, bsc#1210634 + + CVE-2023-21954, bsc#1210635 + + CVE-2023-21967, bsc#1210636 + + CVE-2023-21968, bsc#1210637 + * Security fixes + + JDK-8287404: Improve ping times + + JDK-8288436: Improve Xalan supports + + JDK-8294474: Better AES support + + JDK-8295304: Runtime support improvements + + JDK-8296496, JDK-8292652: Overzealous check in sizecalc.h + prevents large memory allocation + + JDK-8296676, JDK-8296622: Improve String platform support + + JDK-8296684: Improve String platform support + + JDK-8296692: Improve String platform support + + JDK-8296700: Improve String platform support + + JDK-8296832: Improve Swing platform support + + JDK-8297371: Improve UTF8 representation redux + + JDK-8298191: Enhance object reclamation process + + JDK-8298310: Enhance TLS session negotiation + + JDK-8298667: Improved path handling + + JDK-8299129: Enhance NameService lookups + * Import of OpenJDK 8 u372 build 07 + + JDK-6734341: REGTEST fails: SelectionAutoscrollTest.html + + JDK-6829250: Reg test: java/awt/Toolkit/ScreenInsetsTest/ + /ScreenInsetsTest.java fails in Windows + + JDK-7001973: java/awt/Graphics2D/CopyAreaOOB.java fails + + JDK-7124238: [macosx] Font in BasicHTML document is bigger + than it should be + + JDK-7124381: DragSourceListener.dragDropEnd() never been + called on completion of dnd operation + + JDK-8039888: [TEST_BUG] keyboard garbage after + javax/swing/plaf/windows/WindowsRootPaneUI/WrongAltProcessing/ + /WrongAltProcessing.java + + JDK-8042098: [TESTBUG] Test + sun/java2d/AcceleratedXORModeTest.java fails on Windows + + JDK-8065422: Trailing dot in hostname causes TLS handshake to + fail with SNI disabled + + JDK-8072770: [TESTBUG] Some Introspector tests fail with a + Java heap bigger than 4GB + + JDK-8075964: Test java/awt/Mouse/TitleBarDoubleClick/ + /TitleBarDoubleClick.html fails intermittently with timeout + error + + JDK-8137101: [TEST_BUG] javax/swing/plaf/basic/BasicHTML/ + /4251579/bug4251579.java failure due to timing + + JDK-8142540: [TEST_BUG] Test sun/awt/dnd/8024061/ + /bug8024061.java fails on ubuntu + + JDK-8156579: Two JavaBeans tests failed + + JDK-8156581: Cleanup of ProblemList.txt + + JDK-8159135: [PIT] javax/swing/JMenuItem/8152981/ + /MenuItemIconTest.java always fail + + JDK-8177560: @headful key can be removed from the tests for + JavaSound + + JDK-8196196: Headful tests should not be run in headless mode + + JDK-8196467: javax/swing/JInternalFrame/Test6325652.java fails + + JDK-8197408: Bad pointer comparison and small cleanup in + os_linux.cpp + + JDK-8203485: [freetype] text rotated on 180 degrees is too + narrow + + JDK-8205959: Do not restart close if errno is EINTR + + JDK-8216366: Add rationale to PER_CPU_SHARES define + + JDK-8226236: win32: + gc/metaspace/TestCapacityUntilGCWrapAround.java fails + + JDK-8228585: jdk/internal/platform/cgroup/ + /TestCgroupMetrics.java - NumberFormatException because of + large long values (memory limit_in_bytes) + + JDK-8229182: [TESTBUG] runtime/containers/docker/ + /TestMemoryAwareness.java test fails on SLES12 + + JDK-8229202: Docker reporting causes secondary crashes in + error handling + + JDK-8230305: Cgroups v2: Container awareness + + JDK-8231111: Cgroups v2: Rework Metrics in java.base so as to + recognize unified hierarchy + + JDK-8232207: Linux os::available_memory re-reads cgroup + configuration on every invocation + + JDK-8233570: [TESTBUG] HTMLEditorKit test bug5043626.java is + failing on macos + + JDK-8234484: Add ability to configure third port for remote + JMX + + JDK-8237479: 8230305 causes slowdebug build failure + + JDK-8239559: Cgroups: Incorrect detection logic on some + systems + + JDK-8239785: Cgroups: Incorrect detection logic on old + systems in hotspot + + JDK-8239827: The test OpenByUNCPathNameTest.java should be + changed to be manual + + JDK-8240189: [TESTBUG] Some cgroup tests are failing after + JDK-8231111 + + JDK-8241087: Build failure with VS 2019 (16.5.0) due to C2039 + and C2873 + + JDK-8242468: VS2019 build missing vcruntime140_1.dll + + JDK-8243543: jtreg test security/infra/java/security/cert/ + /CertPathValidator/certification/BuypassCA.java fails + + JDK-8244500: jtreg test error in test/hotspot/jtreg/ + /containers/docker/TestMemoryAwareness.java + + JDK-8245543: Cgroups: Incorrect detection logic on some + systems (still reproducible) + + JDK-8245654: Add Certigna Root CA + + JDK-8247676: vcruntime140_1.dll is not needed on 32-bit + Windows + + JDK-8248899: security/infra/java/security/cert/ + /CertPathValidator/certification/QuoVadisCA.java fails, + Certificate has been revoked + + JDK-8252359: HotSpot Not Identifying it is Running in a + Container + + JDK-8252957: Wrong comment in CgroupV1Subsystem::cpu_quota + + JDK-8253435: Cgroup: 'stomping of _mount_path' crash if + manually mounted cpusets exist + + JDK-8253714: [cgroups v2] Soft memory limit incorrectly using + memory.high + + JDK-8253727: [cgroups v2] Memory and swap limits reported + incorrectly + + JDK-8253797: [cgroups v2] Account for the fact that swap + accounting is disabled on some systems + + JDK-8253939: [TESTBUG] Increase coverage of the cgroups + detection code + + JDK-8254001: [Metrics] Enhance parsing of cgroup interface + files for version detection + + JDK-8254717: isAssignableFrom checks in + KeyFactorySpi.engineGetKeySpec appear to be backwards + + JDK-8254997: Remove unimplemented + OSContainer::read_memory_limit_in_bytes + + JDK-8257620: Do not use objc_msgSend_stret to get macOS + version + + JDK-8262379: Add regression test for JDK-8257746 + + JDK-8263404: RsaPrivateKeySpec is always recognized as + RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec + + JDK-8266391: Replace use of reflection in + jdk.internal.platform.Metrics + + JDK-8270317: Large Allocation in CipherSuite + + JDK-8275535: Retrying a failed authentication on multiple + LDAP servers can lead to users blocked + + JDK-8275650: Problemlist java/io/File/createTempFile/ + /SpecialTempFile.java for Windows 11 + + JDK-8275713: TestDockerMemoryMetrics test fails on recent runc + + JDK-8278951: containers/cgroup/PlainRead.java fails on Ubuntu + 21.10 + + JDK-8280048: Missing comma in copyright header + + JDK-8282398: EndingDotHostname.java test fails because SSL + cert expired + + JDK-8282511: Use fixed certificate validation date in + SSLExampleCert template + + JDK-8282947: JFR: Dump on shutdown live-locks in some + conditions + + JDK-8283606: Tests may fail with zh locale on MacOS + + JDK-8284102: [TESTBUG] [11u] Retroactively add regression + test for JDK-8272124 + + JDK-8284690: [macos] VoiceOver : Getting + java.lang.IllegalArgumentException: Invalid location on + Editable JComboBox + + JDK-8284756: [11u] Remove unused isUseContainerSupport in + CgroupV1Subsystem + + JDK-8284977: MetricsTesterCgroupV2.getLongValueEntryFromFile + fails when named value doesn't exist + + JDK-8286624: Regression Test CoordinateTruncationBug.java + fails on OL8.3 + + JDK-8287107: CgroupSubsystemFactory.setCgroupV2Path asserts + with freezer controller + + JDK-8287109: Distrust.java failed with + CertificateExpiredException + + JDK-8287463: JFR: Disable TestDevNull.java on Windows + + JDK-8287741: Fix of JDK-8287107 (unused cgv1 freezer + controller) was incomplete + + JDK-8289695: [TESTBUG] TestMemoryAwareness.java fails on + cgroups v2 and crun + + JDK-8291570: [TESTBUG] Part of JDK-8250984 absent from 11u + + JDK-8292083: Detected container memory limit may exceed + physical machine memory + + JDK-8292541: [Metrics] Reported memory limit may exceed + physical machine memory + + JDK-8293472: Incorrect container resource limit detection if + manual cgroup fs mounts present + + JDK-8293540: [Metrics] Incorrectly detected resource limits + with additional cgroup fs mounts + + JDK-8293767: AWT test TestSinhalaChar.java has old SCCS + markings + + JDK-8294767: 8u contains two copies of + test/../FileUtils.java, one uses JDK9+ features + + JDK-8295322: Tests for JDK-8271459 were not backported to 11u + + JDK-8295952: Problemlist existing compiler/rtm tests also on + x86 + + JDK-8295982: Failure in sun/security/tools/keytool/ + /WeakAlg.java - ks: The process cannot access the file because + it is being used by another process + + JDK-8296480: java/security/cert/pkix/policyChanges/ + /TestPolicy.java is failing + + JDK-8296485: BuildEEBasicConstraints.java test fails with + SunCertPathBuilderException + + JDK-8296632: Write a test to verify the content change of + TextArea sends TextEvent + + JDK-8296957: One more cast in SAFE_SIZE_NEW_ARRAY2 + + JDK-8297329: [8u] hotspot needs to recognise VS2019 + + JDK-8297739: Bump update version of OpenJDK: 8u372 + + JDK-8297996: [8u] generated images are broken due to renaming + of MSVC runtime DLL's + + JDK-8298027: Remove SCCS id's from awt jtreg tests + + JDK-8298307: Enable hotspot/tier1 for 32-bit builds in GHA + for 8u + + JDK-8299445: EndingDotHostname.java fails because of + compilation errors + + JDK-8299548: Fix hotspot/test/runtime/Metaspace/ + /MaxMetaspaceSizeTest.java in 8u + + JDK-8299804: Fix non-portable code in hotspot shell tests in + 8u + + JDK-8300014: Some backports placed the tests in the wrong + location + + JDK-8300119: CgroupMetrics.getTotalMemorySize0() can report + invalid results on 32 bit systems + + JDK-8301122: [8u] Fix unreliable vs2010 download link + + JDK-8301143: [TESTBUG] jfr/event/sampling/TestNative was + backported to JDK8u without proper native wrapper + + JDK-8301246: NPE in FcFontManager.getDefaultPlatformFont() on + Linux without installed fontconfig + + JDK-8301332: [8u] Fix writing of test files after the cgroups + v2 backport + + JDK-8301550: [8u] Enable additional linux build testing in + GitHub + + JDK-8301620: [8u] some shell tests are passed but have + unexpected operator errors + + JDK-8301760: Fix possible leak in SpNegoContext dispose + + JDK-8303408: [AIX] Broken jdk8u build after JDK-8266391 + + JDK-8303828: [Solaris] Broken jdk8u build after JDK-8266391 + + JDK-8304053: Revert os specific stubs for SystemMetrics + + JDK-8305113: (tz) Update Timezone Data to 2023c + +------------------------------------------------------------------- +Tue Feb 7 17:13:58 UTC 2023 - Fridrich Strba + +- Update to version jdk8u362 (icedtea-3.26.0) + * January 2023 CPU + * CVEs + + CVE-2023-21830, bsc#1207249 + + CVE-2023-21843, bsc#1207248 + * Security fixes + + JDK-8285021: Improve CORBA communication + + JDK-8286496: Improve Thread labels + + JDK-8288516: Enhance font creation + + JDK-8289350: Better media supports + + JDK-8293554: Enhanced DH Key Exchanges + + JDK-8293598: Enhance InetAddress address handling + + JDK-8293717: Objective view of ObjectView + + JDK-8293734: Improve BMP image handling + + JDK-8293742: Better Banking of Sounds + + JDK-8295687: Better BMP bounds + * New features + + Support for building with autoconf 2.71 + * Import of OpenJDK 8 u362 build 09 + + JDK-6885993: Named Thread: introduce print() and + print_on(outputStream* st) methods + + JDK-7124218: [TEST_BUG] [macosx] Space should select cell in + the JTable + + JDK-8054066: com/sun/jdi/DoubleAgentTest.java fails with + timeout + + JDK-8067941: [TESTBUG] Fix tests for OS with 64K page size. + + JDK-8071530: Update OS detection code to reflect Windows 10 + version change + + JDK-8073464: GC workers do not have thread names + + JDK-8079255: [TEST_BUG] [macosx] Test closed/java/awt/Robot/ + /RobotWheelTest/RobotWheelTest fails for Mac only + + JDK-8129827: [TEST_BUG] Test java/awt/Robot/RobotWheelTest/ + /RobotWheelTest.java fails + + JDK-8148005: One byte may be corrupted by + get_datetime_string() + + JDK-8159599: [TEST_BUG] java/awt/Modal/ModalInternalFrameTest/ + /ModalInternalFrameTest.java + + JDK-8159720: Failure of C2 compilation with tiered prevents + some C1 compilations + + JDK-8197859: VS2017 Complains about UINTPTR_MAX definition in + globalDefinitions_VisCPP.hpp + + JDK-8206456: [TESTBUG] docker jtreg tests fail on systems + without cpuset.effective_cpus / cpuset.effective_mems + + JDK-8221529: [TESTBUG] Docker tests use old/deprecated image + on AArch64 + + JDK-8224506: [TESTBUG] TestDockerMemoryMetrics.java fails + with exitValue = 137 + + JDK-8233551: [TESTBUG] SelectEditTableCell.java fails on MacOS + + JDK-8241086: Test runtime/NMT/HugeArenaTracking.java is + failing on 32bit Windows + + JDK-8253702: BigSur version number reported as 10.16, should + be 11.nn + + JDK-8255559: Leak File Descriptors Because of + ResolverLocalFilesystem#engineResolveURI() + + JDK-8265527: tools/javac/diags/CheckExamples.java fails after + JDK-8078024 8u backport + + JDK-8269039: Disable SHA-1 Signed JARs + + JDK-8269850: Most JDK releases report macOS version 12 as + 10.16 instead of 12.0 + + JDK-8270344: Session resumption errors + + JDK-8271459: C2: Missing NegativeArraySizeException when + creating StringBuilder with negative capacity + + JDK-8273176: handle latest VS2019 in abstract_vm_version + + JDK-8274563: jfr/event/oldobject/TestClassLoaderLeak.java + fails when GC cycles are not happening + + JDK-8274840: Update OS detection code to recognize Windows 11 + + JDK-8275887: jarsigner prints invalid digest/signature + algorithm warnings if keysize is weak/disabled + + JDK-8280890: Cannot use '-Djava.system.class.loader' with + class loader in signed JAR + + JDK-8283277: ISO 4217 Amendment 171 Update + + JDK-8283903: GetContainerCpuLoad does not return the correct + result in share mode + + JDK-8284389: Improve stability of GHA Pre-submit testing by + caching cygwin installer + + JDK-8284622: Update versions of some Github Actions used in + JDK workflow + + JDK-8286582: Build fails on macos aarch64 when using + --with-zlib=bundled + + JDK-8288928: Incorrect GPL header in pnglibconf.h (backport + of JDK-8185041) + + JDK-8289549: ISO 4217 Amendment 172 Update + + JDK-8292762: Remove .jcheck directories from jdk8u + subcomponents + + JDK-8293181: Bump update version of OpenJDK: 8u362 + + JDK-8293461: Add a test for JDK-8290832 + + JDK-8293828: JFR: jfr/event/oldobject/TestClassLoaderLeak.java + still fails when GC cycles are not happening + + JDK-8294307: ISO 4217 Amendment 173 Update + + JDK-8294357: (tz) Update Timezone Data to 2022d + + JDK-8294863: Enable partial tier1 testing in GHA for JDK8 + + JDK-8295164: JDK 8 jdi tests should not use tasklist command + on Windows + + JDK-8295173: (tz) Update Timezone Data to 2022e + + JDK-8295288: Some vm_flags tests associate with a wrong BugID + + JDK-8295714: GHA ::set-output is deprecated and will be + removed + + JDK-8295723: security/infra/wycheproof/RunWycheproof.java + fails with Assertion Error + + JDK-8295915: Problemlist compiler/rtm failures specific to 8u + + JDK-8295950: Enable langtools/tier1 in GHA for 8u + + JDK-8296108: (tz) Update Timezone Data to 2022f + + JDK-8296239: ISO 4217 Amendment 174 Update + + JDK-8296555: Enable hotspot/tier1 for 64-bit builds in GHA + for 8u + + JDK-8296715: CLDR v42 update for tzdata 2022f + + JDK-8296959: Fix hotspot shell tests of 8u on multilib systems + + JDK-8297141: Fix hotspot/test/runtime/SharedArchiveFile/ + /DefaultUseWithClient.java for 8u + + JDK-8297804: (tz) Update Timezone Data to 2022g + + JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java + fails for hr_HR + + JDK-8299483: ProblemList java/text/Format/NumberFormat/ + /CurrencyFormat.java + + JDK-8300178: JDK-8286496 causes build failure on older GCC + + JDK-8300225: JDK-8288516 causes build failure on Windows + + VS2010 + * Bug fixes + + Don't run check-aes on Zero builds (pointless and slow) +- Removed patch: + * java-1_8_0-openjdk-autoconf27.patch + + fixed upstream + +------------------------------------------------------------------- +Thu Dec 1 17:23:41 UTC 2022 - Fridrich Strba + +- Update to version jdk8u352 (icedtea-3.25.0) + * October 2022 CPU + * CVEs + + CVE-2022-21619 (bsc#1204473) + + CVE-2022-21626 (bsc#1204471) + + CVE-2022-21624 (bsc#1204475) + + CVE-2022-21628 (bsc#1204472) + * Security fixes + + JDK-8282252: Improve BigInteger/Decimal validation + + JDK-8285662: Better permission resolution + + JDK-8286511: Improve macro allocation + + JDK-8286519: Better memory handling + + JDK-8286526: Improve NTLM support + + JDK-8286533: Key X509 usages + + JDK-8286910: Improve JNDI lookups + + JDK-8286918: Better HttpServer service + + JDK-8288508: Enhance ECDSA usage + * Import of OpenJDK 8 u352 + + JDK-7131823: bug in GIFImageReader + + JDK-7186258: InetAddress$Cache should replace + currentTimeMillis with nanoTime for more precise and accurate + + JDK-8028265: Add legacy tz tests to OpenJDK + + JDK-8039955: [TESTBUG] jdk/lambda/LambdaTranslationTest1 - + java.lang.AssertionError: expected [d:1234.000000] but found + [d:1234,000000] + + JDK-8049228: Improve multithreaded scalability of InetAddress + cache + + JDK-8071507: (ref) Clear phantom reference as soft and weak + references do + + JDK-8087283: Add support for the XML Signature here() function + to the JDK XPath implementation + + JDK-8130895: Test javax/swing/system/6799345/TestShutdown.java + fails on Solaris11 Sparcv9 + + JDK-8136354: [TEST_BUG] Test + java/awt/image/RescaleOp/RescaleAlphaTest.java with Bad action + for script + + JDK-8139668: Generate README-build.html from markdown + + JDK-8143847: Remove REF_CLEANER reference category + + JDK-8147862: Null check too late in + sun.net.httpserver.ServerImpl + + JDK-8150669: C1 intrinsic for Class.isPrimitive + + JDK-8155742: [Windows] robot.keyPress(KeyEvent.VK_ALT_GRAPH) + throws java.lang.IllegalArgumentException in windows + + JDK-8173339: AArch64: Fix minimum stack size computations + + JDK-8173361: various crashes in + JvmtiExport::post_compiled_method_load + + JDK-8175797: (ref) Reference::enqueue method should clear the + reference object before enqueuing + + JDK-8178832: (ref) jdk.lang.ref.disableClearBeforeEnqueue + property is ignored + + JDK-8183107: PKCS11 regression regarding checkKeySize + + JDK-8193780: (ref) Remove the undocumented + "jdk.lang.ref.disableClearBeforeEnqueue" system property + + JDK-8194873: right ALT key hotkeys no longer work in Swing + components + + JDK-8201793: (ref) Reference object should not support cloning + + JDK-8214427: probable bug in logic of + ConcurrentHashMap.addCount() + + JDK-8232950: SUNPKCS11 Provider incorrectly check key length + for PSS Signatures. + + JDK-8233019: java.lang.Class.isPrimitive() (C1) returns wrong + result if Klass* is aligned to 32bit + + JDK-8235218: Minimal VM is broken after JDK-8173361 + + JDK-8235385: Crash on aarch64 JDK due to long offset + + JDK-8245263: Enable TLSv1.3 by default on JDK 8u for Client + roles + + JDK-8254178: Remove .hgignore + + JDK-8254318: Remove .hgtags + + JDK-8256722: handle VC++:1927 VS2019 in abstract_vm_version + + JDK-8260589: Crash in JfrTraceIdLoadBarrier::load(_jclass*) + + JDK-8280963: Incorrect PrintFlags formatting on Windows + + JDK-8282538: PKCS11 tests fail on CentOS Stream 9 + + JDK-8283849: AsyncGetCallTrace may crash JVM on guarantee + + JDK-8285400: Add '@apiNote' to the APIs defined in + Java SE 8 MR 3 + + JDK-8285497: Add system property for Java SE specification + maintenance version + + JDK-8287132: Retire Runtime.runFinalizersOnExit so that it + always throws UOE + + JDK-8287508: The tests added to jdk-8 by 8235385 are to be + ported to jdk-11 + + JDK-8287521: Bump update version of OpenJDK: 8u352 + + JDK-8288763: Pack200 extraction failure with invalid size + + JDK-8288865: [aarch64] LDR instructions must use legitimized + addresses + + JDK-8290000: Bump macOS GitHub actions to macOS 11 + + JDK-8292579: (tz) Update Timezone Data to 2022c + + JDK-8292688: Support Security properties in + security.testlibrary.Proc + * AArch32 port + + JDK-8292599: [aarch32] Crash due to missed CPU specific part + of 8233019 + +------------------------------------------------------------------- +Wed Aug 24 10:48:55 UTC 2022 - Andreas Schwab + +- make-jobserver-detection.patch: Fix detection of jobserver support + +------------------------------------------------------------------- +Tue Aug 2 19:37:31 UTC 2022 - Fridrich Strba + +- Update to version jdk8u345 (icedtea-3.24.0) + * July 2022 CPU + * Security fixes + + JDK-8272243: Improve DER parsing + + JDK-8272249: Better properties of loaded Properties + + JDK-8277608: Address IP Addressing + + JDK-8281859, CVE-2022-21540, bsc#1201694: Improve class + compilation + + JDK-8281866, CVE-2022-21541, bsc#1201692: Enhance + MethodHandle invocations + + JDK-8283190: Improve MIDI processing + + JDK-8284370: Improve zlib usage + + JDK-8285407, CVE-2022-34169, bsc#1201684: Improve Xalan + supports + * Import of OpenJDK 8 u342 + + JDK-8076190, bsc#1195163: Customizing the generation of a + PKCS12 keystore + + JDK-8129572: Cleanup usage of getResourceAsStream in jaxp + + JDK-8132256: jaxp: Investigate removal of com/sun/org/apache/ + /bcel/internal/util/ClassPath.java + + JDK-8168926: C2: Bytecode escape analyzer crashes due to + stack overflow + + JDK-8170530: bash configure output contains a typo in a + suggested library name + + JDK-8190753: (zipfs): Accessing a large entry (> 2^31 bytes) + leads to a negative initial size for ByteArrayOutputStream + + JDK-8194154: System property user.dir should not be changed + + JDK-8202142: jfr/event/io/TestInstrumentation is unstable + + JDK-8209771: jdk.test.lib.Utils::runAndCheckException error + + JDK-8221988: add possibility to build with Visual Studio 2019 + + JDK-8223396: [TESTBUG] several jfr tests do not clean up + files created in /tmp + + JDK-8230865: [TESTBUG] jdk/jfr/event/io/EvilInstrument.java + fails at-run shell MakeJAR.sh target + + JDK-8235211: serviceability/attach/ + /RemovingUnixDomainSocketTest.java fails with + AttachNotSupportedException: Unable to open socket file + + JDK-8244973: serviceability/attach/ + /RemovingUnixDomainSocketTest.java fails "stderr was not + empty" + + JDK-8248876: LoadObject with bad base address created for + exec file on linux + + JDK-8255239: The timezone of the hs_err_pid log file is + corrupted in Japanese locale + + JDK-8261107: ArrayIndexOutOfBoundsException in the + ICC_Profile.getInstance(InputStream) + + JDK-8266187: Memory leak in appendBootClassPath() + + JDK-8274658: ISO 4217 Amendment 170 Update + + JDK-8274751: Drag And Drop hangs on Windows + + JDK-8278138: OpenJDK8 fails to start on Windows 8.1 after + upgrading compiler to VS2017 + + JDK-8279669: test/jdk/com/sun/jdi/TestScaffold.java uses + wrong condition + + JDK-8281814: Debuginfo.diz contains redundant build path + after backport JDK-8025936 + + JDK-8282458: Update .jcheck/conf file for 8u move to git + + JDK-8282552: Bump update version of OpenJDK: 8u342 + + JDK-8283350: (tz) Update Timezone Data to 2022a + + JDK-8284620: CodeBuffer may leak _overflow_arena + + JDK-8285445: cannot open file "NUL:" + + JDK-8285523: Improve test java/io/FileOutputStream/ + /OpenNUL.java + + JDK-8285591: [11] add signum checks in DSA.java engineVerify + + JDK-8285727: [11u, 17u] Unify fix for JDK-8284920 with + version from head + + JDK-8286989: Build failure on macOS after 8281814 + + JDK-8287537: 8u JDK-8284620 backport broke AArch64 build + * Import of OpenJDK 8 u345 + + JDK-8290832: It is no longer possible to change "user.dir" + in the JDK8 + + JDK-8291568: Bump update version of OpenJDK: 8u345 +- Removed patch: + * JDK-8076190.patch + + Included by upstream + +------------------------------------------------------------------- +Thu Jun 30 08:07:09 UTC 2022 - Fridrich Strba + +- Update to version jdk8u332 (icedtea-3.23.0) + * April 2022 CPU + * Security fixes + + JDK-8269938: Enhance XML processing passes redux + + JDK-8270504, bsc#1198672, CVE-2022-21426: Better XPath + expression handling + + JDK-8272255: Completely handle MIDI files + + JDK-8272261: Improve JFR recording file processing + + JDK-8272594: Better record of recordings + + JDK-8274221: More definite BER encodings + + JDK-8275151, bsc#1198675, CVE-2022-21443: Improved Object + Identification + + JDK-8277227: Better identification of OIDs + + JDK-8277672, bsc#1198674, CVE-2022-21434: Better invocation + handler handling + + JDK-8278008, bsc#1198671, CVE-2022-21476: Improve Santuario + processing + + JDK-8278356: Improve file creation + + JDK-8278449: Improve keychain support + + JDK-8278805: Enhance BMP image loading + + JDK-8278972, bsc#1198673, CVE-2022-21496: Improve URL supports + + JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo + * Import of OpenJDK 8 u332 + + JDK-8033980: Xerces Update: datatype XMLGregorianCalendarImpl + and DurationImpl + + JDK-8035437: Xerces Update: xml/serialize/DOMSerializerImpl + + JDK-8035577: Xerces Update: impl/xpath/regex/RangeToken.java + + JDK-8037259: xerces update: xpointer update + + JDK-8041523: Xerces Update: Serializer improvements from Xalan + + JDK-8141508: java.lang.invoke.LambdaConversionException: + Invalid receiver type + + JDK-8162572: Update License Header for all JAXP sources + + JDK-8167014: jdeps: Missing message: warn.skipped.entry + + JDK-8198411: [TEST_BUG] Two java2d tests are unstable in mach5 + + JDK-8202822: Add .git to .hgignore + + JDK-8205540: test/hotspot/jtreg/vmTestbase/nsk/jdb/trace/ + /trace001/trace001.java fails with Debuggee did not exit after + 15 commands + + JDK-8209178: Proxied HttpsURLConnection doesn't send BODY + when retrying POST request + + JDK-8210283: Support git as an SCM alternative in the build + + JDK-8218682: [TEST_BUG] DashOffset fails in mach5 + + JDK-8225690: Multiple AttachListener threads can be created + + JDK-8227738: jvmti/DataDumpRequest/datadumpreq001 failed due + to "exit code is 134" + + JDK-8227815: Minimal VM: set_state is not a member of + AttachListener + + JDK-8240633: Memory leaks in the implementations of + FileChooserUI + + JDK-8241768: git needs .gitattributes + + JDK-8247766: [aarch64] guarantee(val < (1U << nbits)) failed: + Field too big for insn + + JDK-8253147: The javax/swing/JPopupMenu/7154841/ + /bug7154841.java fail on big screens + + JDK-8253353: Crash in C2: guarantee(n != NULL) failed: No Node + + JDK-8266749: AArch64: Backtracing broken on PAC enabled + systems + + JDK-8270290: NTLM authentication fails if HEAD request is used + + JDK-8273229: Update OS detection code to recognize Windows + Server 2022 + + JDK-8273341: Update Siphash to version 1.0 + + JDK-8273575: memory leak in appendBootClassPath(), paths must + be deallocated + + JDK-8274524: SSLSocket.close() hangs if it is called during + the ssl handshake + + JDK-8277224: sun.security.pkcs.PKCS9Attributes.toString() + throws NPE + + JDK-8277488: Add expiry exception for Digicert + (geotrustglobalca) expiring in May 2022 + + JDK-8279077: JFR crashes on Linux ppc due to missing crash + protector in signal handler + + JDK-8280060: The sun/rmi/server/Activation.java class use + Thread.dumpStack() + + JDK-8282300: Throws NamingException instead of + InvalidNameException after JDK-8278972 + + JDK-8282397: createTempFile method of java.io.File is failing + when called with suffix of spaces character + + JDK-8284548: Invalid XPath expression causes + StringIndexOutOfBoundsException + + JDK-8284920: Incorrect Token type causes XPath expression to + return empty result + + JDK-8284936: Fix Java 7 bootstrap breakage due to use of + Arrays.stream + * Backports + + JDK-8031567: Better model for storing source revision + information + + JDK-8170385: JDK-8031567 broke source bundles + + JDK-8170392: JDK-8031567 broke builds from source bundles + + JDK-8253424: Add support for running pre-submit testing using + GitHub Actions + + JDK-8253865: Pre-submit testing using GitHub Actions does not + detect failures reliably + + JDK-8254054: Pre-submit testing using GitHub Actions should + not use the deprecated set-env command + + JDK-8254173: Add Zero, Minimal hotspot targets to submit + workflow + + JDK-8254175: Build no-pch configuration in debug mode for + submit checks + + JDK-8254282: Add Linux x86_32 builds to submit workflow + + JDK-8255305: Add Linux x86_32 tier1 to submit workflow + + JDK-8255352: Archive important test outputs in submit workflow + + JDK-8255373: Submit workflow artifact name is always + "test-results_.zip" + + JDK-8255895: Submit workflow artifacts miss hs_errs/replays + due to ZIP include mismatch + + JDK-8256127: Add cross-compiled foreign architectures builds + to submit workflow + + JDK-8256277: Github Action build on macOS should define OS + and Xcode versions + + JDK-8256354: Github Action build on Windows should define OS + and MSVC versions + + JDK-8256393: Github Actions build on Linux should define OS + and GCC versions + + JDK-8256414: add optimized build to submit workflow + + JDK-8256747: GitHub Actions: decouple the hotspot build-only + jobs from Linux x64 testing + + JDK-8257056: Submit workflow should apt-get update to avoid + package installation errors + + JDK-8259924: GitHub actions fail on Linux x86_32 with "Could + not configure libc6:i386" + + JDK-8260460: GitHub actions still fail on Linux x86_32 with + "Could not configure libc6:i386" + + JDK-8263667: Avoid running GitHub actions on branches named + pr/* + + JDK-8282225: GHA: Allow one concurrent run per PR only + + JDK-8284772: 8u GHA: Use GCC Major Version Dependencies Only + * Bug fixes + + GH002: Only add -Wno-unused-parameter on gcc and clang + compilers. + + GH004: Fix naming of sockaddr_in6 variable (sa6->him6) in + SOCKETADDRESS union on Windows + + GH007: Fix NetworkInterface_winXP.c variable declarations to + compile on VS2010 + + GH008: Reinstate POST_STRIP_CMD empty check in Images.gmk + + GH012: Building from tarball broken by bad backport of + JDK-8210283 + * Shenandoah + + JDK-8260632: Build failures after JDK-8253353 + +------------------------------------------------------------------- +Mon Apr 4 07:24:25 UTC 2022 - Stephan Kulow + +- Add java-1_8_0-openjdk-autoconf27.patch to accept autoconf 2.71 + as autoconf 2.59 or later + +------------------------------------------------------------------- +Sat Mar 5 07:44:43 UTC 2022 - Fridrich Strba + +- Update to version jdk8u322 (icedtea-3.22.0) + * January 2022 CPU + * Security fixes + + JDK-8264934, CVE-2022-21248, bsc#1194926: Enhance cross VM + serialization + + JDK-8268488: More valuable DerValues + + JDK-8268494: Better inlining of inlined interfaces + + JDK-8268512: More content for ContentInfo + + JDK-8268795: Enhance digests of Jar files + + JDK-8268801: Improve PKCS attribute handling + + JDK-8268813, CVE-2022-21283, bsc#1194937: Better String + matching + + JDK-8269151: Better construction of EncryptedPrivateKeyInfo + + JDK-8269944: Better HTTP transport redux + + JDK-8270392, CVE-2022-21293, bsc#1194935: Improve String + constructions + + JDK-8270416, CVE-2022-21294, bsc#1194934: Enhance + construction of Identity maps + + JDK-8270492, CVE-2022-21282, bsc#1194933: Better resolution + of URIs + + JDK-8270498, CVE-2022-21296, bsc#1194932: Improve SAX Parser + configuration management + + JDK-8270646, CVE-2022-21299, bsc#1194931: Improved scanning + of XML entities + + JDK-8271962: Better TrueType font loading + + JDK-8271968: Better canonical naming + + JDK-8271987: Manifest improved manifest entries + + JDK-8272014, CVE-2022-21305, bsc#1194939: Better array + indexing + + JDK-8272026, CVE-2022-21340, bsc#1194940: Verify Jar + Verification + + JDK-8272236, CVE-2022-21341, bsc#1194941: Improve serial + forms for transport + + JDK-8272272: Enhance jcmd communication + + JDK-8272462: Enhance image handling + + JDK-8273290: Enhance sound handling + + JDK-8273748, CVE-2022-21349: Improve Solaris font rendering + + JDK-8273756, CVE-2022-21360, bsc#1194929: Enhance BMP image + support + + JDK-8273838, CVE-2022-21365, bsc#1194928: Enhanced BMP + processing + * Import of OpenJDK 8 u322 + + JDK-6801613: Cross-platform pageDialog and printDialog top + margin entry broken + + JDK-8011541: [TEST_BUG] closed/javax/swing/plaf/metal/ + /MetalUtils/bug6190373.java fails NPE since 7u25b03 + + JDK-8025430: [TEST_BUG] javax/swing/JEditorPane/5076514/ + /bug5076514.java failed since jdk8b108 + + JDK-8041928: MouseEvent.getModifiersEx gives wrong result + + JDK-8042199: The build of J2DBench via makefile is broken + after the JDK-8005402 + + JDK-8044365: (dc) MulticastSendReceiveTests.java failing with + ENOMEM when joining group (OS X 10.9) + + JDK-8048021: Remove @version tag in jaxp repo + + JDK-8049348: compiler/intrinsics/bmi/verifycode tests on + lzcnt and tzcnt use incorrect assumption about REXB prefix + usage + + JDK-8060027: Tests java/beans/XMLEncoder/Test4903007.java and + java/beans/XMLEncoder/java_awt_GridBagLayout.java + + JDK-8066588: javax/management/remote/mandatory/connectio + /RMIConnector_NPETest.java fails to compile + + JDK-8066652: Default TimeZone is GMT not local if + user.timezone is invalid on Mac OS + + JDK-8069034: + gc/g1/TestEagerReclaimHumongousRegionsClearMarkBits.java + nightly failure + + JDK-8077590: windows_i586_6.2-product-c2-runThese8_Xcomp_vm + failing after win compiler upgrade + + JDK-8080287: The image of BufferedImage.TYPE_INT_ARGB and + BufferedImage.TYPE_INT_ARGB_PRE is blank + + JDK-8140329: [TEST_BUG] test FullScreenAfterSplash.java + failed because image was not generated + + JDK-8140472: java/net/ipv6tests/TcpTest.java failed + intermittently with java.net.BindException: Address already in + use: NET_Bind + + JDK-8147051: StaxEntityResolverWrapper should create + StaxXMLInputSource with a resolver indicator + + JDK-8148915: Intermittent failures of bug6400879.java + + JDK-8176837: SunPKCS11 provider needs to check more details + on PKCS11 Mechanism + + JDK-8177393: Result of RescaleOp for 4BYTE_ABGR images may be + 25% black + + JDK-8177536: Avoid Apple Peer-to-Peer interfaces in + networking tests + + JDK-8182036: Load from initializing arraycopy uses wrong + memory state + + JDK-8183369: RFC unconformity of HttpURLConnection with proxy + + JDK-8183543: Aarch64: C2 compilation often fails with "failed + spill-split-recycle sanity check" + + JDK-8187450: JNI local refs exceeds capacity warning in + NetworkInterface::getAll + + JDK-8187649: ArrayIndexOutOfBoundsException in + java.util.JapaneseImperialCalendar + + JDK-8190482: InnocuousThread creation should not require the + caller to possess enableContextClassLoaderOverride + + JDK-8190793: Httpserver does not detect truncated request body + + JDK-8196572: Tests ColConvCCMTest.java and MTColConvTest.java + fail + + JDK-8202788: Explicitly reclaim cached thread-local direct + buffers at thread exit + + JDK-8210058: Algorithmic Italic font leans opposite angle in + Printing + + JDK-8220150: macos10.14 Mojave returns anti-aliased glyphs + instead of aliased B&W glyphs + + JDK-8225082: Remove IdenTrust certificate that is expiring in + September 2021 + + JDK-8225083: Remove Google certificate that is expiring in + December 2021 + + JDK-8226806: [macOS 10.14] Methods of Java Robot should be + called from appropriate thread + + JDK-8231254: (fs) Add test for macOS Catalina changes to + protect system software + + JDK-8231438: [macOS] Dark mode for the desktop is not + supported + + JDK-8232178: MacVolumesTest failed after upgrade to MacOS + Catalina + + JDK-8232226: [macos 10.15] test/jdk/java/awt/color/ + /EqualityTest/EqualityTest.java may fail + + JDK-8235153: [TESTBUG] [macos 10.15] java/awt/Graphics/ + /DrawImageBG/SystemBgColorTest.java fails + + JDK-8236897: Fix the copyright header for pkcs11gcm2.h + + JDK-8237499: JFR: Include stack trace in the ThreadStart event + + JDK-8239886: Minimal VM build fails after JDK-8237499 + + JDK-8261397: Try Catch Method Failing to Work When Dividing + An Integer By 0 + + JDK-8262731: [macOS] Exception from "Printable.print" is + swallowed during "PrinterJob.print" + + JDK-8272342: [TEST_BUG] java/awt/print/PrinterJob/ + /PageDialogMarginTest.java catches all exceptions + + JDK-8273308: PatternMatchTest.java fails on CI + + JDK-8273342: Null pointer dereference in + classFileParser.cpp:2817 + + JDK-8273826: Correct Manifest file name and NPE checks + + JDK-8273968: JCK javax_xml tests fail in CI + + JDK-8274407: (tz) Update Timezone Data to 2021c + + JDK-8274467: TestZoneInfo310.java fails with tzdata2021b + + JDK-8274468: TimeZoneTest.java fails with tzdata2021b + + JDK-8274595: DisableRMIOverHTTPTest failed: connection refused + + JDK-8274779: HttpURLConnection: HttpClient and HttpsClient + incorrectly check request method when set to POST + + JDK-8275766: (tz) Update Timezone Data to 2021e + + JDK-8275849: TestZoneInfo310.java fails with tzdata2021e + + JDK-8276536: Update TimeZoneNames files to follow the changes + made by JDK-8275766 +- Added patch: + * JDK-8076190.patch + + backport reviewed fix for JDK-8076190 Customizing the + generation of a PKCS12 keystore (bsc#1195163) + +------------------------------------------------------------------- +Wed Feb 9 14:51:51 UTC 2022 - Fridrich Strba + +- Removed patch: + * comment-nss-security-provider.patch + + there is a configure-time option to do exactly the same thing +- Modified patch: + * fips.patch + + allow plain key import, unless disabled with + -Dcom.suse.fips.plainKeySupport=false command-line option + +------------------------------------------------------------------- +Sat Dec 4 07:23:12 UTC 2021 - Fridrich Strba + +- Modified patch: + * fips.patch + + When system crypto policy files are not available, use the + information from the java.security file that we distribute + with OpenJDK as a fallback. (bsc#1193314, bsc#1193444, + bsc#1193491) + +------------------------------------------------------------------- +Fri Nov 5 18:01:42 UTC 2021 - Fridrich Strba + +- Modified patch: + * fips.patch + + return in native code after generating java.io.IOException + +------------------------------------------------------------------- +Tue Nov 2 13:13:44 UTC 2021 - Fridrich Strba + +- Update to version jdk8u312 (icedtea-3.21.0) + * October 2021 CPU + * Security fixes + + JDK-8130183, CVE-2021-35588, bsc#1191905: InnerClasses: VM + permits wrong Throw ClassFormatError if InnerClasses + attribute's inner_class_info_index is 0 + + JDK-8161016: Strange behavior of URLConnection with proxy + + JDK-8163326, CVE-2021-35550, bsc#1191901: Update the default + enabled cipher suites preference + + JDK-8254967, CVE-2021-35565, bsc#1191909: + com.sun.net.HttpsServer spins on TLS session close + + JDK-8263314: Enhance XML Dsig modes + + JDK-8265167, CVE-2021-35556, bsc#1191910: Richer Text Editors + + JDK-8265574: Improve handling of sheets + + JDK-8265580, CVE-2021-35559, bsc#1191911: Enhanced style for + RTF kit + + JDK-8265776: Improve Stream handling for SSL + + JDK-8266097, CVE-2021-35561, bsc#1191912: Better hashing + support + + JDK-8266103: Better specified spec values + + JDK-8266109: More Resilient Classloading + + JDK-8266115: More Manifest Jar Loading + + JDK-8266137, CVE-2021-35564, bsc#1191913: Improve Keystore + integrity + + JDK-8266689, CVE-2021-35567, bsc#1191903: More Constrained + Delegation + + JDK-8267086: ArrayIndexOutOfBoundsException in + java.security.KeyFactory.generatePublic + + JDK-8267712: Better LDAP reference processing + + JDK-8267729, CVE-2021-35578, bsc#1191904: Improve TLS client + handshaking + + JDK-8267735, CVE-2021-35586, bsc#1191914: Better BMP support + + JDK-8268193: Improve requests of certificates + + JDK-8268199: Correct certificate requests + + JDK-8268506: More Manifest Digests + + JDK-8269618, CVE-2021-35603, bsc#1191906: Better session + identification + + JDK-8269624: Enhance method selection support + + JDK-8270398: Enhance canonicalization + + JDK-8270404: Better canonicalization + * Import of OpenJDK 8 u312 build 01 + + JDK-7146776: deadlock between URLStreamHandler.getHostAddress + and file.Handler.openconnection + + JDK-8004148: NPE in + sun.awt.SunToolkit.getWindowDeactivationTime + + JDK-8027154: [TESTBUG] Test java/awt/Mouse/ + /GetMousePositionTest/GetMousePositionWithPopup.java fails + + JDK-8035001: TEST_BUG: the retry logic in RMID.start() should + check that the subprocess hasn't terminated + + JDK-8035424: (reflect) Performance problem in + sun.reflect.generics.parser.SignatureParser + + JDK-8042557: compiler/uncommontrap/ + /TestSpecTrapClassUnloading.java fails with: GC triggered + before VM initialization completed + + JDK-8054118: java/net/ipv6tests/UdpTest.java failed + intermittently + + JDK-8065215: Print warning summary at end of configure + + JDK-8072767: DefaultCellEditor for comboBox creates + ActionEvent with wrong source object + + JDK-8079891: Store configure log in $BUILD/configure.log + + JDK-8080082: configure fails if you create an empty directory + and then run configure from it + + JDK-8086003: Test fails on OSX with java.lang.RuntimeException + 'Narrow klass base: 0x0000000000000000, Narrow klass shift: 3' + missing + + JDK-8134989: java/net/MulticastSocket/TestInterfaces.java + failed due to unexpected IP address + + JDK-8156584: Initialization race in + sun.security.x509.AlgorithmId.get + + JDK-8166673: The new implementation of Robot.waitForIdle() + may hang + + JDK-8170467: (reflect) Optimize SignatureParser's use of + StringBuilders + + JDK-8196181: sun/java2d/GdiRendering/InsetClipping.java fails + + JDK-8202837: PBES2 AlgorithmId encoding error in PKCS12 + KeyStore + + JDK-8206189: sun/security/pkcs12/EmptyPassword.java fails + with Sequence tag error + + JDK-8214418: half-closed SSLEngine status may cause + application dead loop + + JDK-8214513: A PKCS12 keystore from Java 8 using custom PBE + parameters cannot be read in Java 11 + + JDK-8220786: Create new switch to redirect error reporting + output to stdout or stderr + + JDK-8229243: SunPKCS11-Solaris provider tests failing on + Solaris 11.4 + + JDK-8231222: fix pkcs11 P11_DEBUG guarded native traces + + JDK-8238567: SoftMainMixer.processAudioBuffers(): Wrong + handling of stoppedMixers + + JDK-8240518: Incorrect JNU_ReleaseStringPlatformChars in + Windows Print + + JDK-8241248: NullPointerException in + sun.security.ssl.HKDF.extract(HKDF.java:93) + + JDK-8248901: Signed immediate support in + .../share/assembler.hpp is broken. + + JDK-8259338: Add expiry exception for identrustdstx3 alias to + VerifyCACerts.java test + + JDK-8262000: jdk/jfr/event/gc/detailed/ + /TestPromotionFailedEventWithParallelScavenge.java failed with + "OutOfMemoryError: Java heap space" + + JDK-8262829: Native crash in + Win32PrintServiceLookup.getAllPrinterNames() + + JDK-8263311: Watch registry changes for remote printers + update instead of polling + + JDK-8265238: [8u] [macos] build failure in OpenJDK8u after + JDK-8211301 in older xcode + + JDK-8265978: make test should look for more locations when + searching for exit code + + JDK-8269810: [8u] Update generated_configure.sh after + JDK-8250876 backport + + JDK-8269953: config.log is not in build directory after 8u + backport of JDK-8079891 + + JDK-8271466: StackGap test fails on aarch64 due to "-m64" + * Import of OpenJDK 8 u312 build 02 + + JDK-8247469: getSystemCpuLoad() returns -1 on linux when some + offline cpus are present and cpusets.effective_cpus is not + available + + JDK-8265836: OperatingSystemImpl.getCpuLoad() returns + incorrect CPU load inside a container + * Import of OpenJDK 8 u312 build 03 + + JDK-8237495: Java MIDI fails with a dereferenced memory error + when asked to send a raw 0xF7 + + JDK-8264752: SIGFPE crash with option + FlightRecorderOptions:threadbuffersize=30M + + JDK-8266206: Build failure after JDK-8264752 with older GCCs + + JDK-8270137: Kerberos Credential Retrieval from Cache not + Working in Cross-Realm Setup + + JDK-8272214: [8u] Build failure after backport of JDK-8248901 + * Import of OpenJDK 8 u312 build 04 + + JDK-6847157: java.lang.NullPointerException: HDC for + component at sun.java2d.loops.Blit.Blit + + JDK-8176837: SunPKCS11 provider needs to check more details + on PKCS11 Mechanism + + JDK-8194246: JVM crashes when calling getStackTrace if stack + contains a method that is a member of a very large class + + JDK-8244154: Update SunPKCS11 provider with PKCS11 v3.0 + header files + + JDK-8263382: java/util/logging/ParentLoggersTest.java failed + with "checkLoggers: getLoggerNames() returned unexpected + loggers" + + JDK-8268103: JNI functions incorrectly return a double after + JDK-8265836 + + JDK-8269594: assert(_handle_mark_nesting > 1) failed: memory + leak: allocating handle outside HandleMark + + JDK-8269859: BacktraceBuilder._cprefs needs to be accessed as + unsigned short + + JDK-8269882: stack-use-after-scope in NewObjectA + * Import of OpenJDK 8 u312 build 05 + + JDK-7188942: Remove support of pbuffers in OGL Java2d pipeline + + JDK-8022323: [JavaSecurityScanner] review package + com.sun.management.* Native methods should be private + + JDK-8131062: aarch64: add support for GHASH acceleration + + JDK-8134869: AARCH64: GHASH intrinsic is not optimal + + JDK-8269851: OperatingSystemMXBean getProcessCpuLoad reports + incorrect process cpu usage in containers + + JDK-8272124: Cgroup v1 initialization causes + NullPointerException when cgroup path contains colon + + JDK-8272714: [8u] Build failure after backport of JDK-8248901 + with MSVC 2013 + * Import of OpenJDK 8 u312 build 06 + + JDK-8268965: TCP Connection Reset when connecting simple + socket to SSL server + + JDK-8272643: Backout JDK-8176837 from 8u312 + * Import of OpenJDK 8 u312 build 07 + + JDK-8157404: Unable to read certain PKCS12 keystores from + SequenceInputStream + + JDK-8222751: closed/test/jdk/sun/security/util/ + /DerIndefLenConverter/IndefBerPkcs12.java fail + + JDK-8269763: The JEditorPane is blank after JDK-8265167 + * Shenandoah + + [backport] 8269661: JNI_GetStringCritical does not lock char + array + + Re-cast JNI critical strings patch to be Shenandoah-specific + +------------------------------------------------------------------- +Wed Oct 13 10:38:53 UTC 2021 - Fridrich Strba + +- Remove the icedtea-sound backend, since all its functionality is + in the default java sound backends + +------------------------------------------------------------------- +Mon Oct 11 12:39:45 UTC 2021 - Fridrich Strba + +- Added patches: + * comment-nss-security-provider.patch + + Comment this provider since it is not passing the compliance + tests + * fips.patch + + Implement fips mode + +------------------------------------------------------------------- +Wed Aug 4 09:25:47 UTC 2021 - Andreas Schwab + +- riscv64-zero.patch: Add support for riscv64 (zero VM) + +------------------------------------------------------------------- +Wed Jul 28 12:03:07 UTC 2021 - Fridrich Strba + +- Update to version jdk8u302 (icedtea 3.20.0) + * July 2021 CPU + * Security fixes + + JDK-8256157: Improve bytecode assembly + + JDK-8256491: Better HTTP transport + + JDK-8258432, CVE-2021-2341, bsc#1188564: Improve file + transfers + + JDK-8260453: Improve Font Bounding + + JDK-8260960: Signs of jarsigner signing + + JDK-8260967, CVE-2021-2369, bsc#1188565: Better jar file + validation + + JDK-8262380: Enhance XML processing passes + + JDK-8262403: Enhanced data transfer + + JDK-8262410: Enhanced rules for zones + + JDK-8262477: Enhance String Conclusions + + JDK-8262967: Improve Zip file support + + JDK-8264066, CVE-2021-2388, bsc#1188566: Enhance compiler + validation + + JDK-8264079: Improve abstractions + + JDK-8264460: Improve NTLM support + * Import of OpenJDK 8 u302 build 01 + + JDK-6878250: (so) IllegalBlockingModeException thrown when + reading from a closed SocketChannel's InputStream + + JDK-7059970: Test case: javax/imageio/plugins/png/ + /ITXtTest.java is not closing a file + + JDK-8030123: java/beans/Introspector/Test8027648.java fails + + JDK-8033289: clang: clean up unused function warning + + JDK-8036095: RMI tests using testlibrary.RMID and + testlibrary.JavaVM do not pass through vmoptions + + JDK-8042891: Format issues embedded in macros for two g1 + source files + + JDK-8055754: filemap.cpp does not compile with clang + + JDK-8064909: FragmentMetaspace.java got OutOfMemoryError + + JDK-8066508: JTReg tests timeout on slow devices when run + using JPRT + + JDK-8066807: langtools/test/Makefile should use -agentvm not + -samevm + + JDK-8071374: -XX:+PrintAssembly -XX:+PrintSignatureHandlers + crash fastdebug VM with assert(limit == __null || limit <= + nm->code_end()) in RelocIterator::initialize + + JDK-8073446: TimeZone getOffset API does not return a dst + offset between years 2038-2137 + + JDK-8075071: [TEST_BUG] TimSortStackSize2.java: OOME: Java + heap space: MaxHeap shrinked by MaxRAMFraction + + JDK-8077364: "if( !this )" construct prevents build on Xcode + 6.3 + + JDK-8130308: Too low memory usage in + TestPromotionFromSurvivorToTenuredAfterMinorGC.java + + JDK-8132148: G1 hs_err region dump legend out of sync with + region values + + JDK-8132709: [TESTBUG] gc/g1/TestHumongousShrinkHeap.java + might fail on embedded + + JDK-8134672: [TEST_BUG] Some tests should check + isDisplayChangeSupported + + JDK-8134883: C1 hard crash in range check elimination in + Nashorn test262parallel + + JDK-8136592: [TEST_BUG] Fix 2 platform-specific closed + regtests for jigsaw + + JDK-8151786: [TESTBUG] java/beans/XMLEncoder/Test4625418.java + timed out intermittently + + JDK-8159898: Negative array size in + java/beans/Introspector/Test8027905.java + + JDK-8166046: [TESTBUG] compiler/stringopts/ + /TestStringObjectInitialization.java fails with OOME + + JDK-8166724: gc/g1/TestHumongousShrinkHeap.java fails with + OOME + + JDK-8177809: File.lastModified() is losing milliseconds + (always ends in 000) + + JDK-8178403: DirectAudio in JavaSound may hang and leak + + JDK-8180478: tools/launcher/MultipleJRE.sh fails on Windows + because of extra-'' + + JDK-8183910: gc/arguments/TestAggressiveHeap.java fails + intermittently + + JDK-8190332: PngReader throws NegativeArraySizeException/OOM + error when IHDR width is very large + + JDK-8190679: java/util/Arrays/TimSortStackSize2.java fails + with "Initial heap size set to a larger value than the maximum + heap size" + + JDK-8191955: AArch64: incorrect prefetch distance causes an + internal error + + JDK-8199265: java/util/Arrays/TimSortStackSize2.java fails + with OOM + + JDK-8200550: Xcode 9.3 produce warning -Wexpansion-to-defined + + JDK-8203196: C1 emits incorrect code due to integer overflow + in _tableswitch keys + + JDK-8205014: com/sun/jndi/ldap/DeadSSLLdapTimeoutTest.java + failed with "Read timed out" + + JDK-8209996: [PPC64] Fix JFR profiling + + JDK-8214345: infinite recursion while checking super class + + JDK-8217230: assert(t == t_no_spec) failure in + NodeHash::check_no_speculative_types() + + JDK-8217348: assert(thread->is_Java_thread()) failed: just + checking + + JDK-8225081: Remove Telia Company CA certificate expiring in + April 2021 + + JDK-8225116: Test OwnedWindowsLeak.java intermittently fails + + JDK-8230428: Cleanup dead CastIP node code in formssel.cpp + + JDK-8231631: sun/net/ftp/FtpURLConnectionLeak.java fails + intermittently with NPE + + JDK-8231841: AArch64: debug.cpp help() is missing an AArch64 + line for pns + + JDK-8231949: [PPC64, s390]: Make async profiling more reliable + + JDK-8234011: (zipfs) Memory leak in + ZipFileSystem.releaseDeflater() + + JDK-8241649: Optimize Character.toString + + JDK-8243559: Remove root certificates with 1024-bit keys + + JDK-8247350: [aarch64] assert(false) failed: wrong size of + mach node + + JDK-8249278: Revert JDK-8226253 which breaks the spec of + AccessibleState.SHOWING for JList + + JDK-8255086: Update the root locale display names + + JDK-8255734: VM should ignore SIGXFSZ on ppc64, s390 too + + JDK-8257999: Parallel GC crash in gc/parallel/ + /TestDynShrinkHeap.java: new region is not in covered_region + + JDK-8258419: RSA cipher buffer cleanup + + JDK-8258669: fastdebug jvm crashes when do event based + tracing for monitor inflation + + JDK-8258753: StartTlsResponse.close() hangs due to + synchronization issues + + JDK-8259271: gc/parallel/TestDynShrinkHeap.java still fails + "assert(covered_region.contains(new_memregion)) failed: new + region is not in covered_region" + + JDK-8259619: C1: 3-arg StubAssembler::call_RT stack-use + condition is incorrect + + JDK-8259886: Improve SSL session cache performance and + scalability + + JDK-8260029: aarch64: fix typo in verify_oop_array + + JDK-8260236: better init AnnotationCollector _contended_group + + JDK-8260255: C1: LoopInvariantCodeMotion constructor can + leave some fields uninitialized + + JDK-8260484: CheckExamples.java / NoJavaLangTest.java fail + with jtreg 4.2 + + JDK-8260704: ParallelGC: oldgen expansion needs release-store + for _end + + JDK-8261355: No data buffering in SunPKCS11 Cipher encryption + when the underlying mechanism has no padding + + JDK-8261867: Backport relevant test changes & additions from + JDK-8130125 + + JDK-8262110: DST starts from incorrect time in 2038 + + JDK-8262726: AArch64: C1 StubAssembler::call_RT can corrupt + stack + + JDK-8262730: Enable jdk8u MacOS external debug symbols + + JDK-8262864: No debug symbols in image for Windows + --with-native-debug-symbols=external + + JDK-8263061: copy wrong unpack200 debuginfo to bin directory + after 8252395 + + JDK-8263504: Some OutputMachOpcodes fields are uninitialized + + JDK-8263600: change rmidRunning to a simple lookup + + JDK-8264509: jdk8u MacOS zipped debug symbols won't build + + JDK-8264562: assert(verify_field_bit(1)) failed: Attempting + to write an uninitialized event field: type + + JDK-8264816: Weak handles leak causes GC to take longer + + JDK-8265832: runtime/StackGap/testme.sh fails to compile in 8u + + JDK-8265988: Fix sun/text/IntHashtable/Bug4170614 for JDK 8u + + JDK-8266191: Missing aarch64 parts of JDK-8181872 (C1: + possible overflow when strength reducing integer multiply by + constant) + * Import of OpenJDK 8 u302 build 02 + + JDK-8129511: PlatformMidi.c:83 uses malloc without malloc + header + * Import of OpenJDK 8 u302 build 03 + + JDK-8019470: Changes needed to compile JDK 8 on MacOS with + clang compiler + + JDK-8138820: JDK Hotspot build fails with Xcode 7.0.1 + + JDK-8241829: Cleanup the code for PrinterJob on windows + + JDK-8252883: AccessDeniedException caused by delayed file + deletion on Windows + + JDK-8256818: SSLSocket that is never bound or connected leaks + socket resources + + JDK-8257670: sun/security/ssl/SSLSocketImpl/ + /SSLSocketLeak.java reports leaks + + JDK-8257884: Re-enable sun/security/ssl/SSLSocketImpl/ + /SSLSocketLeak.java as automatic test + + JDK-8257997: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java + again reports leaks after JDK-8257884 + + JDK-8264640: CMS ParScanClosure misses a barrier + * Import of OpenJDK 8 u302 build 04 + + JDK-8032050: Clean up for java/rmi/activation/Activatable/ + /shutdownGracefully/ShutdownGracefully.java + + JDK-8043264: hsdis library not picked up correctly on + expected paths + + JDK-8130430: [TEST_BUG] remove unnecessary internal calls + from javax/swing/JRadioButton/8075609/bug8075609.java + + JDK-8206243: java -XshowSettings fails if + memory.limit_in_bytes overflows LONG.max + + JDK-8206925: Support the certificate_authorities extension + + JDK-8228757: Fail fast if the handshake type is unknown + + JDK-8242565: Policy initialization issues when the denyAfter + constraint is enabled + + JDK-8253375: OSX build fails with Xcode 12.0 (12A7209) + + JDK-8257039: [8u] GenericTaskQueue destructor is incorrect + + JDK-8262446: DragAndDrop hangs on Windows + + JDK-8265666: Enable AIX build platform to make external debug + symbols + * Import of OpenJDK 8 u302 build 05 + + JDK-6990210: [TEST_BUG] EventDispatchThread/ + /HandleExceptionOnEDT/HandleExceptionOnEDT.java fails on gnome + + JDK-7106851: Test should not use System.exit + + JDK-8028618: [TEST BUG] javax/swing/JScrollBar/bug4202954/ + /bug4202954.java fails + + JDK-8035000: clean up ActivationLibrary.DestroyThread + + JDK-8037825: Fix warnings and enable "warnings as errors" in + serviceability native libraries + + JDK-8043646: libosxapp.dylib fails to build on Mac OS 10.9 + with clang + + JDK-8047939: [TESTBUG] Rewrite + test/runtime/8001071/Test8001071.sh + + JDK-8074835: Resolve disabled warnings for libj2gss + + JDK-8074836: Resolve disabled warnings for libosxkrb5 + + JDK-8078855: [TEST_BUG] javax/swing/JComboBox/8032878/ + /bug8032878.java fails in WindowsClassicLookAndFeel + + JDK-8081764: [TEST_BUG] Test javax/swing/plaf/aqua/ + /CustomComboBoxFocusTest.java fails on Windows, Solaris + Sparcv9 and Linux but passes on MacOSX + + JDK-8172188: JDI tests fail due to "permission denied" when + creating temp file + + JDK-8196092: javax/swing/JComboBox/8032878/bug8032878.java + fails + + JDK-8202299: Java Keystore fails to load PKCS12/PFX + certificates created in WindowsServer2016 + + JDK-8239053: [8u] clean up undefined-var-template warnings + + JDK-8239400: [8u] clean up undefined-var-template warnings + + JDK-8249142: java/awt/FontClass/CreateFont/DeleteFont.sh is + unstable + + JDK-8250876: Fix issues with cross-compile on macos + + JDK-8254631: Better support ALPN byte wire values in SunJSSE + + JDK-8265462: Handle multiple slots in the NSS Internal Module + from SunPKCS11's Secmod + + JDK-8266723: JFR periodic events are causing extra allocations + + JDK-8266929: Unable to use algorithms from 3p providers + + JDK-8267235: [macos_aarch64] + InterpreterRuntime::throw_pending_exception messing up LR + results in crash + + JDK-8267426: MonitorVmStartTerminate test timed out on + Embedded VM + + JDK-8267689: [aarch64] Crash due to bad shift in indirect + addressing mode + * Import of OpenJDK 8 u302 build 06 + + JDK-8267545: [8u] Enable Xcode 12 builds on macOS + + JDK-8268444: keytool -v -list print is incorrect after + backport JDK-8141457 + * Import of OpenJDK 8 u302 build 07 + + JDK-8269388: Default build of OpenJDK 8 fails on newer GCCs + with warnings as errors on format-overflow + + JDK-8269468: JDK-8269388 breaks the build on older GCCs + * Import of OpenJDK 8 u302 build 08 + + JDK-8270533: AArch64: size_fits_all_mem_uses should return + false if its output is a CAS + * Shenandoah + + [backport] 8259580: Shenandoah: uninitialized label in + VerifyThreadGCState + + [backport] 8259954: gc/shenandoah/mxbeans tests fail with + -Xcomp + + [backport] 8261251: Shenandoah: Use object size for full GC + humongous + + [backport] 8261413: Shenandoah: Disable class-unloading in + I-U mode + + [backport] 8265239: Shenandoah: Shenandoah heap region count + could be off by 1 + + [backport] 8266802: Shenandoah: Round up region size to page + size unconditionally + + [backport] 8267561: Shenandoah: Reference processing not + properly setup for outside of cycle degenerated GC + + [backport] 8268127: Shenandoah: Heap size may be too small + for region to align to large page size + + [backport] 8268699: Shenandoah: Add test for JDK-8268127 + + Shenandoah: Process weak roots during class unloading cycle + +------------------------------------------------------------------- +Fri May 28 04:50:33 UTC 2021 - Fridrich Strba + +- Added patch: + * tls13extensions.patch + + make tlsv1.2 client hello not emit the optional tlsv1.3 + extensions (fixes bsc#1184639) + +------------------------------------------------------------------- +Fri May 14 08:07:18 UTC 2021 - Fridrich Strba + +- Update to version jdk8u292 (icedtea 3.19.0) + * April 2021 CPU + * Security fixes + + JDK-8227467: Better class method invocations + + JDK-8244473: Contextualize registration for JNDI + + JDK-8244543: Enhanced handling of abstract classes + + JDK-8249906, CVE-2021-2163, bsc#1185055: Enhance opening JARs + + JDK-8250568, CVE-2021-2161, bsc#1185056: Less ambiguous + processing + + JDK-8253799: Make lists of normal filenames + * New features + + PR3835: Populate unique SystemTap suffix from configure + * Import of OpenJDK 8 u292 build 01 + + JDK-6949753: [TEST BUG]: java/awt/print/PageFormat/ + /PDialogTest.java needs update by removing a infinite loop + + JDK-8031126: java/lang/management/ThreadMXBean/ + /ThreadUserTime.java fails intermittently + + JDK-8035166: Remove dependency on EC classes from pkcs11 + provider + + JDK-8035186: j2se_jdk/jdk/test/java/lang/invoke/lambda/ + /LogGeneratedClassesTest.java - assertion error + + JDK-8078450: Implement consistent process for quarantine of + tests + + JDK-8080953: [TEST_BUG]Test java/awt/FontClass/DebugFonts.java + fails due to wrongly typed bugid + + JDK-8081547: Prepare client libs regression tests for running + in a concurrent, headless jtreg environment + + JDK-8141457: keytool default cert fingerprint algorithm should + be SHA-256 + + JDK-8150204: (fs) Enhance java/nio/file/Files/ + /probeContentType/Basic.java debugging output + + JDK-8160217: JavaSound should clean up resources better + + JDK-8163363: AArch64: Stack size in tools/launcher/ + /Settings.java needs to be adjusted + + JDK-8167281: IIOMetadataNode bugs in getElementsByTagName and + NodeList.item methods + + JDK-8168996: C2 crash at postaloc.cpp:140 : assert(false) + failed: unexpected yanked node + + JDK-8185934: keytool shows "Signature algorithm: + SHA1withECDSA, -1-bit key" + + JDK-8186090: java.nio.Bits.unaligned() doesn't handle aarch64 + + JDK-8195685: AArch64 port of 8174962: Better interface + invocations + + JDK-8202343: Disable TLS 1.0 and 1.1 + + JDK-8211339: NPE during SSL handshake caused by + HostnameChecker + + JDK-8216987: ciMethodData::load_data() unpacks MDOs with + non-atomic copy + + JDK-8217338: [Containers] Improve systemd slice memory limit + support + + JDK-8223186: HotSpot compile warnings from GCC 9 + + JDK-8225805: Java Access Bridge does not close the logger + + JDK-8226899: Problemlist compiler/rtm tests + + JDK-8227642: [TESTBUG] Make docker tests podman compatible + + JDK-8228434: jdk/net/Sockets/Test.java fails after JDK-8227642 + + JDK-8229284: jdk/internal/platform/cgroup/ + /TestCgroupMetrics.java fails for - memory:getMemoryUsage + + JDK-8230388: Problemlist additional compiler/rtm tests + + JDK-8233228: Disable weak named curves by default in TLS, + CertPath, and Signed JAR + + JDK-8234727: sun/security/ssl/X509TrustManagerImpl tests + support TLSv1.3 + + JDK-8234728: Some security tests should support TLSv1.3 + + JDK-8235874: The ordering of Cipher Suites is not maintained + provided through jdk.tls.client.cipherSuites and + jdk.tls.server.cipherSuites system property. + + JDK-8238579: HttpsURLConnection drops the timeout and hangs + forever in read + + JDK-8242141: New System Properties to configure the TLS + signature schemes + + JDK-8244621: [macos10.15] Garbled FX printing plus CoreText + warnings on Catalina when building with Xcode 11 + + JDK-8249183: JVM crash in "AwtFrame::WmSize" method + + JDK-8249588: libwindowsaccessbridge issues on 64bit Windows + + JDK-8250984: Memory Docker tests fail on some Linux kernels + w/o cgroupv1 swap limit capabilities + + JDK-8251397: NPE on ClassValue.ClassValueMap.cacheArray + + JDK-8252470: java/awt/dnd/DisposeFrameOnDragCrash/ + /DisposeFrameOnDragTest.java fails on Windows + + JDK-8253368: TLS connection always receives close_notify + exception + + JDK-8253476: TestUseContainerSupport.java fails on some Linux + kernels w/o swap limit capabilities + + JDK-8253932: SSL debug log prints incorrect caller info + + JDK-8254854: [cgroups v1] Metric limits not properly detected + on some join controller combinations + + JDK-8255908: ExceptionInInitializerError due to + UncheckedIOException while initializing cgroupv1 subsystem + + JDK-8255937: Better cleanup for test/jdk/javax/imageio/stream/ + /StreamFlush.java + + JDK-8256642: [TEST_BUG] jdk/test/javax/sound/midi/MidiSystem/ + /DefaultProperties.java failed + + JDK-8257192: Integrate AArch64 JIT port into 8u + + JDK-8258079: Eliminate ParNew's use of klass_or_null() + + JDK-8258241: [8u] Missing doPrivileged() hunks from + JDK-8226575 + + JDK-8258396: SIGILL in jdk.jfr.internal.PlatformRecorder + .rotateDisk() + + JDK-8258430: 8u backport of JDK-8063107 missing test/javax/ + /swing/JRadioButton/8041561/bug8041561.java changes + + JDK-8258933: G1 needs klass_or_null_acquire + + JDK-8259312: VerifyCACerts.java fails as soneraclass2ca cert + will + + JDK-8259384: CUP version wrong in THIRD_PARTY_README after + JDK-8233548 + + JDK-8259568: PPC64 builds broken after JDK-8221408 8u backport + * Import of OpenJDK 8 u292 build 02 + + JDK-8078614: WindowsClassicLookAndFeel MetalComboBoxUI + .getbaseLine fails with IllegalArgumentException + + JDK-8198334: java/awt/FileDialog/8003399/bug8003399.java fails + in headless mode + + JDK-8249251: [dark_mode ubuntu 20.04] The selected menu is not + highlighted in GTKLookAndFeel + + JDK-8250582: Revert Principal Name type to NT-UNKNOWN when + requesting TGS Kerberos tickets + + JDK-8258833: Cancel multi-part cipher operations in SunPKCS11 + after failures + * Import of OpenJDK 8 u292 build 03 + + JDK-8145051: Wrong parameter name in synthetic lambda method + leads to verifier error + + JDK-8172404: Tools should warn if weak algorithms are used + before restricting them + + JDK-8209333: Socket reset issue for TLS 1.3 socket close + + JDK-8219991: New fix of the deadlock in + sun.security.ssl.SSLSocketImpl + + JDK-8239091: Reversed arguments in call to strstr in freetype + "debug" code. + + JDK-8240827: Downport SSLSocketImpl.java from "8221882: Use + fiber-friendly java.util.concurrent.locks in JSSE" + + JDK-8255880: UI of Swing components is not redrawn after their + internal state changed + + JDK-8256682: JDK-8202343 is incomplete + + JDK-8260930: AARCH64: Invalid value passed to critical JNI + function + * Import of OpenJDK 8 u292 build 04 + + JDK-8061777: (zipfs) IllegalArgumentException in ZipCoder + .toString when using Shitft_JIS + + JDK-8158525: Update a few java/net tests to use the loopback + address instead of the host address + + JDK-8171410: aarch64: long multiplyExact shifts by 31 instead + of 63 + + JDK-8225435: Upgrade IANA Language Subtag Registry to the + latest for JDK14 + + JDK-8235263: Revert TLS 1.3 change that wrapped IOExceptions + + JDK-8235311: Tag mismatch may alert bad_record_mac + + JDK-8236500: Windows ucrt.dll should be looked up in versioned + WINSDK subdirectory + + JDK-8260349: Cannot programmatically retrieve Metaspace max + set via JAVA_TOOL_OPTIONS + + JDK-8261766: [8u] hotspot needs to recognise cl.exe 19.16 to + build with VS2017 + + JDK-8262075: sun/security/krb5/auto/UseCacheAndStoreKey.java + timed out intermittently + * Import of OpenJDK 8 u292 build 05 + + JDK-6345095: regression test EmptyClipRenderingTest fails + + JDK-6896810: TEST_BUG: java/lang/ref/SoftReference/Pin.java + fails with OOME during System.out.println + + JDK-7107012: sun.jvm.hostspot.code.CompressedReadStream + readDouble() conversion to long mishandled + + JDK-7112454: TEST_BUG: java/awt/Choice/ + /PopdownGeneratesMouseEvents/PopdownGeneratesMouseEvents.html + failed + + JDK-7131835: [TEST_BUG] Test does not consider that the + rounded edges of the window in Mac OS 10.7 + + JDK-7185221: [macosx] Regtest should not throw exception if + a suitable display mode found + + JDK-8041464: [TEST_BUG] CustomClassLoaderTransferTest does not + support OS X + + JDK-8078024: javac, several incorporation steps are silently + failing when an error should be reported + + JDK-8129626: G1: set_in_progress() and clear_started() needs + a barrier on non-TSO platforms + + JDK-8211301: [macos] support full window content options + + JDK-8240353: AArch64: missing support for + -XX:+ExtendedDTraceProbes in C1 + + JDK-8248336: AArch64: C2: offset overflow in BoxLockNode::emit + + JDK-8257746: Regression introduced with JDK-8250984 - memory + might be null in some machines + + JDK-8261231: Windows IME was disabled after DnD operation + + JDK-8262073: assert(allocates2(pc)) failed: not in CodeBuffer + memory + * Import of OpenJDK 8 u292 build 06 + + JDK-8259048: (tz) Upgrade time-zone data to tzdata2020f + * Import of OpenJDK 8 u292 build 07 + + JDK-8263008: AARCH64: Add debug info for libsaproc.so + * Import of OpenJDK 8 u292 build 08 + + JDK-8191915: JCK tests produce incorrect results with C2 + + JDK-8256421: Add 2 HARICA roots to cacerts truststore + + JDK-8260356: (tz) Upgrade time-zone data to tzdata2021a + * Import of OpenJDK 8 u292 build 09 + + JDK-8264171: Missing aarch64 parts of JDK-8236179 (C1 register + allocation failure with T_ADDRESS) + * Import of OpenJDK 8 u292 build 10 + + JDK-8258247: Couple of issues in fix for JDK-8249906 + + JDK-8259428: AlgorithmId.getEncodedParams() should return copy + + JDK-8261183: Follow on to Make lists of normal filenames +* Backports + + JDK-8250825, PR3837: C2 crashes with assert(field != __null) + failed: missing field + + JDK-8255466, PR3837: C2 crashes at ciObject::get_oop() + const+0x0 +* Bug fixes + + PR3822: Update elliptic curve patch to handle + jdk.disabled.namedCurves (JDK-8233228) & file movement + (JDK-8035166) + + PR3836: Extra compiler flags not passed to adlc build + + PR3838: Bogus -Wnonnull warning on Zero builds + + PR3839: Make -Wnonnull warnings on ppc64 non-fatal for + now +* Shenandoah + + [backport] 8202976: Add C1 lea patching support for x86 + + [backport] 8221507: Implement JFR Events for Shenandoah + + [backport] 8224573: Fix windows build after JDK-8221507 + + [backport] 8228369: Shenandoah: Refactor LRB C1 stubs + + [backport] 8229474: Shenandoah: Cleanup CM::update_roots() + + [backport] 8229709: x86_32 build and test failures after + JDK-8228369 (Shenandoah: Refactor LRB C1 stubs) + + [backport] 8231087: Shenandoah: Self-fixing load reference + barriers for C1/C2 + + [backport] 8232747: Shenandoah: Concurrent GC should + deactivate SATB before processing weak roots + + [backport] 8232992: Shenandoah: Implement self-fixing + interpreter LRB + + [backport] 8233021: Shenandoah: SBSC2::is_shenandoah_lrb_call + should match all LRB shapes + + [backport] 8233165: + Shenandoah:SBSA::gen_load_reference_barrier_stub() should use + pointer register for address on aarch64 + + [backport] 8233574: Shenandoah: build is broken without jfr + + [backport] 8237837: Shenandoah: assert(mem == __null) failed: + only one safepoint + + [backport] 8238153: CTW: C2 (Shenandoah) compilation fails + with "Unknown node in get_load_addr: CreateEx" + + [backport] 8238851: Shenandoah: C1: Resolve into registers of + correct type + + [backport] 8240315: Shenandoah: + Rename ShLBN::get_barrier_strength() + + [backport] 8240751: Shenandoah: fold ShenandoahTracer + definition + + [backport] 8241765: Shenandoah: AARCH64 need to + save/restore call clobbered registers before calling keepalive + barrier + + [backport] 8244510: Shenandoah: invert SHC2Support::is_in_cset + condition + + [backport] 8244663: Shenandoah: C2 assertion fails in + Matcher::collect_null_checks + + [backport] 8244721: CTW: C2 (Shenandoah) compilation fails + with "unexpected infinite loop graph shape" + + [backport] 8251451: Shenandoah: Remark ObjectSynchronizer + roots with I-U + + [backport] 8252660: Shenandoah: support manageable + SoftMaxHeapSize option + + [backport] 8253224: Shenandoah: ShenandoahStrDedupQueue + destructor calls virtual num_queues() + + [backport] 8253778: + ShenandoahSafepoint::is_at_shenandoah_safepoint should not + access VMThread state from other threads + + [backport] 8255457: Shenandoah: cleanup ShenandoahMarkTask + + [backport] 8255760: Shenandoah: match constants style in + ShenandoahMarkTask fallback + + [backport] 8256806: Shenandoah: optimize shenandoah/jni/ + /TestPinnedGarbage.java test + + [backport] 8257641: Shenandoah: + Query is_at_shenandoah_safepoint() from control thread should + return false + + Fix racy update of code roots + + Fix register allocation for thread register is 32bit LRB + + Fix Shenandoah bindings in ADLC formssel + + Normalise whitespace in AArch64 sources prior to merge of + upstreamed version in 8u292-b01. + + Revert differences against upstream 8u + + Shenandoah: Backed out weak roots cleaning during full gc +* AArch64 port + + Normalise AArch64 sources, prior to merge of upstream version. + +------------------------------------------------------------------- +Mon Feb 8 08:08:11 UTC 2021 - Fridrich Strba + +- Update to version jdk8u282 (icedtea 3.18.0) + * January 2021 CPU (bsc#1181239) + * Security fixes + + JDK-8247619: Improve Direct Buffering of Characters + * Import of OpenJDK 8 u282 build 01 + + JDK-6962725: Regtest javax/swing/JFileChooser/6738668/ + /bug6738668.java fails under Linux + + JDK-8025936: Windows .pdb and .map files does not have proper + dependencies setup + + JDK-8030350: Enable additional compiler warnings for GCC + + JDK-8031423: Test java/awt/dnd/DisposeFrameOnDragCrash/ + /DisposeFrameOnDragTest.java fails by Timeout on Windows + + JDK-8036122: Fix warning 'format not a string literal' + + JDK-8051853: new + URI("x/").resolve("..").getSchemeSpecificPart() returns null! + + JDK-8132664: closed/javax/swing/DataTransfer/DefaultNoDrop/ + /DefaultNoDrop.java locks on Windows + + JDK-8134632: Mark javax/sound/midi/Devices/ + /InitializationHang.java as headful + + JDK-8148854: Class names "SomeClass" and "LSomeClass;" + treated by JVM as an equivalent + + JDK-8148916: Mark bug6400879.java as intermittently failing + + JDK-8148983: Fix extra comma in changes for JDK-8148916 + + JDK-8160438: javax/swing/plaf/nimbus/8057791/bug8057791.java + fails + + JDK-8165808: Add release barriers when allocating objects + with concurrent collection + + JDK-8185003: JMX: Add a version of + ThreadMXBean.dumpAllThreads with a maxDepth argument + + JDK-8202076: test/jdk/java/io/File/WinSpecialFiles.java on + windows with VS2017 + + JDK-8207766: [testbug] Adapt tests for Aix. + + JDK-8212070: Introduce diagnostic flag to abort VM on failed + JIT compilation + + JDK-8213448: [TESTBUG] enhance jfr/jvm/TestDumpOnCrash + + JDK-8215727: Restore JFR thread sampler loop to old / + previous behavior + + JDK-8220657: JFR.dump does not work when filename is set + + JDK-8221342: [TESTBUG] Generate Dockerfile for docker testing + + JDK-8224502: [TESTBUG] JDK docker test TestSystemMetrics.java + fails with access issues and OOM + + JDK-8231209: [REDO] ThreadMXBean::getThreadAllocatedBytes() + can be quicker for self thread + + JDK-8231968: getCurrentThreadAllocatedBytes default + implementation s/b getThreadAllocatedBytes + + JDK-8232114: JVM crashed at imjpapi.dll in native code + + JDK-8234270: [REDO] JDK-8204128 NMT might report incorrect + numbers for Compiler area + + JDK-8234339: replace JLI_StrTok in java_md_solinux.c + + JDK-8238448: RSASSA-PSS signature verification fail when + using certain odd key sizes + + JDK-8242335: Additional Tests for RSASSA-PSS + + JDK-8244225: stringop-overflow warning on strncpy call from + compile_the_world_in + + JDK-8245400: Upgrade to LittleCMS 2.11 + + JDK-8248214: Add paddings for TaskQueueSuper to reduce + false-sharing cache contention + + JDK-8249176: Update GlobalSignR6CA test certificates + + JDK-8250665: Wrong translation for the month name of May in + ar_JO,LB,SY + + JDK-8250928: JFR: Improve hash algorithm for stack traces + + JDK-8251469: Better cleanup for + test/jdk/javax/imageio/SetOutput.java + + JDK-8251840: Java_sun_awt_X11_XToolkit_getDefaultScreenData + should not be in make/mapfiles/libawt_xawt/mapfile-vers + + JDK-8252384: [TESTBUG] Some tests refer to COMPAT provider + rather than JRE + + JDK-8252395: [8u] --with-native-debug-symbols=external + doesn't include debuginfo files for binaries + + JDK-8252497: Incorrect numeric currency code for ROL + + JDK-8252754: Hash code calculation of JfrStackTrace is + inconsistent + + JDK-8252904: VM crashes when JFR is used and JFR event class + is transformed + + JDK-8252975: [8u] JDK-8252395 breaks the build for + --with-native-debug-symbols=internal + + JDK-8253284: Zero OrderAccess barrier mappings are incorrect + + JDK-8253550: [8u] JDK-8252395 breaks the build for make + STRIP_POLICY=no_strip + + JDK-8253752: test/sun/management/jmxremote/bootstrap/ + /RmiBootstrapTest.java fails randomly + + JDK-8254081: java/security/cert/PolicyNode/ + /GetPolicyQualifiers.java fails due to an expired certificate + + JDK-8254144: Non-x86 Zero builds fail with return-type + warning in os_linux_zero.cpp + + JDK-8254166: Zero: return-type warning in + zeroInterpreter_zero.cpp + + JDK-8254683: [TEST_BUG] jdk/test/sun/tools/jconsole/ + /WorkerDeadlockTest.java fails + + JDK-8255003: Build failures on Solaris + * Import of OpenJDK 8 u282 build 02 + + JDK-8253837: JFR 8u fix symbol and cstring hashtable equals + implementaion + + JDK-8255269: Unsigned overflow in g1Policy.cpp + * Import of OpenJDK 8 u282 build 03 + + JDK-8163161: [PIT][TEST_BUG] increase timeout in + javax/swing/plaf/nimbus/8057791/bug8057791.java + + JDK-8168292: [TESTBUG] [macosx] Test + java/awt/TrayIcon/DragEventSource/DragEventSource.java fails + on OS X + + JDK-8168682: jdk/test/java/lang/ClassLoader/forNameLeak/ + /ClassForNameLeak.java fails with -Xcomp + + JDK-8223108: Test java/awt/EventQueue/ + /NonComponentSourcePost.java is unstable + + JDK-8255603: Memory/Performance regression after JDK-8210985 + * Import of OpenJDK 8 u282 build 04 + + JDK-8022535: [TEST BUG] javax/swing/text/html/parser/ + /Test8017492.java fails + + JDK-8043899: compiler/5091921/Test7005594.java fails if + specified -Xmx is less than 1600m + + JDK-8046221: [TEST_BUG] Cleanup datatransfer tests + + JDK-8058805: [TEST_BUG]Test java/awt/TrayIcon/SecurityCheck/ + /NoPermissionTest/NoPermissionTest.java fails + + JDK-8068275: Some tests failed after JDK-8063104 + + JDK-8069211: (zipfs) ZipFileSystem creates corrupted zip if + entry output stream gets closed more than once + + JDK-8130772: Util.hitMnemonics does not work: + getSystemMnemonicKeyCodes() returns ALT_MASK rather than + VK_ALT + + JDK-8156803: Turn StressLCM/StressGCM flags to diagnostic + + JDK-8160761: [TESTBUG] Several compiler tests fail with + product bits + + JDK-8166015: [PIT][TEST_BUG] stray character in java/awt/ + /Focus/ModalDialogActivationTest/ + /ModalDialogActivationTest.java + + JDK-8166583: Add oopDesc::klass_or_null_acquire() + + JDK-8166663: Simplify oops_on_card_seq_iterate_careful + + JDK-8166862: CMS needs klass_or_null_acquire + + JDK-8179083: Uninitialized notifier in Java Monitor Wait + tracing event + + JDK-8205507: jdk/javax/xml/crypto/dsig/GenerationTests.java + timed out + + JDK-8217362: Emergency dump does not work when disk=false is + set + + JDK-8217766: Container Support doesn't work for some Join + Controllers combinations + + JDK-8219013: Update Apache Santuario (XML Signature) to + version 2.1.3 + + JDK-8219562: Line of code in osContainer_linux.cpp L102 + appears unreachable + + JDK-8220579: [Containers] SubSystem.java out of sync with + osContainer_linux.cpp + + JDK-8221340: [TESTBUG] TestCgroupMetrics.java fails after fix + for JDK-8219562 + + JDK-8221710: [TESTBUG] more configurable parameters for + docker testing + + JDK-8227006: [linux] Runtime.availableProcessors execution + time increased by factor of 100 + + JDK-8229868: Update Apache Santuario TPRM version + + JDK-8233548: Update CUP to v0.11b + + JDK-8242480: Negative value may be returned by + getFreeSwapSpaceSize() in the docker + + JDK-8246648: issue with OperatingSystemImpl + getFreeSwapSpaceSize in docker after 8242480 + + JDK-8249846: Change of behavior after JDK-8237117: Better + ForkJoinPool behavior + + JDK-8250636: iso8601_time returns incorrect offset part on + MacOS + + JDK-8251365: Build failure on AIX after 8250636 + + JDK-8255717: Fix JFR crash in WriteObjectSampleStacktrace due + to object not initialized + + JDK-8256618: Zero: Linux x86_32 build still fails + + JDK-8256671: Incorrect assignment operator used in + guarantee() in genCollectedHeap + + JDK-8256752: 8252395 incorrect copy rule for macos .dSYM + folder + + JDK-8257397: [TESTBUG] test/lib/containers/docker/Common.java + refers to -Xlog:os+container=trace + * Import of OpenJDK 8 u282 build 05 + + JDK-8254982: (tz) Upgrade time-zone data to tzdata2020c + * Import of OpenJDK 8 u282 build 06 + + JDK-8255226: (tz) Upgrade time-zone data to tzdata2020d + * Import of OpenJDK 8 u282 build 07 + + JDK-8225072: Add LuxTrust certificate that is expiring in + March 2021 to list of allowed but expired certs + + JDK-8239105: Add exception for expiring Digicert root + certificates to VerifyCACerts test + + JDK-8258630: Add expiry exception for QuoVadis root + certificate + * Bug fixes + + PR3819: Installation can't handle existing tapset symlinks + * Shenandoah + + Shenandoah: Fix racy update of code roots + * AArch32 port + + JDK-8253036: Support building the Zero assembler port on + AArch64 + +------------------------------------------------------------------- +Thu Nov 26 19:13:31 UTC 2020 - Fridrich Strba + +- Update to version jdk8u275 (icedtea 3.17.1) + * Import of OpenJDK 8 u275 build 01 + + JDK-8214440, bsc#1179441: ldap over a TLS connection negotiate + failed with "javax.net.ssl.SSLPeerUnverifiedException: + hostname of the server "does not match the hostname in the + server's certificate" + + JDK-8223940: Private key not supported by chosen signature + algorithm + + JDK-8236512: PKCS11 Connection closed after Cipher.doFinal + and NoPadding + + JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool) + * Bug fixes + + PR3815: Fix new s390 size_t issue in + g1ConcurrentMarkObjArrayProcessor.cpp +- Removed patches: + * JDK-8250861.patch + * s390.patch + + integrated upstream + +------------------------------------------------------------------- +Tue Nov 17 09:22:44 UTC 2020 - Fridrich Strba + +- Modified patch: + * java-atk-wrapper-security.patch + + Fix errors introduced by manual rediffing of the patch + +------------------------------------------------------------------- +Thu Nov 5 18:06:39 UTC 2020 - Archie Cobbs + +- Add missing /etc/alternatives link for "jcmd" utility + +------------------------------------------------------------------- +Wed Nov 4 11:32:33 UTC 2020 - Fridrich Strba + +- Enable Shenandoah garbage collector on supported architectures + and distributions + +------------------------------------------------------------------- +Mon Nov 2 16:04:46 UTC 2020 - Fridrich Strba + +- Added patch: + * s390.patch + + Fix build on s390 31bit + +------------------------------------------------------------------- +Mon Nov 2 14:29:43 UTC 2020 - Fridrich Strba + +- Added patch: + * JDK-8250861.patch + + Fix regression "8250861: Crash in MinINode::Ideal(PhaseGVN*, + bool)" introduced in October 2020 CPU + +------------------------------------------------------------------- +Wed Oct 28 09:47:16 UTC 2020 - Fridrich Strba + +- Update to version jdk8u272 (icedtea 3.17.0) (July 2020 CPU, + bsc#1174157, and October 2020 CPU, bsc#1177943) + * New features + + JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7 + + PR3796: Allow the number of curves supported to be specified + * Security fixes + + JDK-8028431, CVE-2020-14579: NullPointerException in + DerValue.equals(DerValue) + + JDK-8028591, CVE-2020-14578: NegativeArraySizeException in + sun.security.util.DerInputStream.getUnalignedBitString() + + JDK-8230613: Better ASCII conversions + + JDK-8231800: Better listing of arrays + + JDK-8232014: Expand DTD support + + JDK-8233255: Better Swing Buttons + + JDK-8233624: Enhance JNI linkage + + JDK-8234032: Improve basic calendar services + + JDK-8234042: Better factory production of certificates + + JDK-8234418: Better parsing with CertificateFactory + + JDK-8234836: Improve serialization handling + + JDK-8236191: Enhance OID processing + + JDK-8236196: Improve string pooling + + JDK-8236862, CVE-2020-14779: Enhance support of Proxy class + + JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior + + JDK-8237592, CVE-2020-14577: Enhance certificate verification + + JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts + + JDK-8237995, CVE-2020-14782: Enhance certificate processing + + JDK-8238002, CVE-2020-14581: Better matrix operations + + JDK-8238804: Enhance key handling process + + JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable + + JDK-8238843: Enhanced font handing + + JDK-8238920, CVE-2020-14583: Better Buffer support + + JDK-8238925: Enhance WAV file playback + + JDK-8240119, CVE-2020-14593: Less Affine Transformations + + JDK-8240124: Better VM Interning + + JDK-8240482: Improved WAV file playback + + JDK-8241114, CVE-2020-14792: Better range handling + + JDK-8241379: Update JCEKS support + + JDK-8241522: Manifest improved jar headers redux + + JDK-8242136, CVE-2020-14621: Better XML namespace handling + + JDK-8242680, CVE-2020-14796: Improved URI Support + + JDK-8242685, CVE-2020-14797: Better Path Validation + + JDK-8242695, CVE-2020-14798: Enhanced buffer support + + JDK-8243302: Advanced class supports + + JDK-8244136, CVE-2020-14803: Improved Buffer supports + + JDK-8244479: Further constrain certificates + + JDK-8244955: Additional Fix for JDK-8240124 + + JDK-8245407: Enhance zoning of times + + JDK-8245412: Better class definitions + + JDK-8245417: Improve certificate chain handling + + JDK-8248574: Improve jpeg processing + + JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit + + JDK-8253019: Enhanced JPEG decoding + * Import of OpenJDK 8 u262 build 01 + + JDK-4949105: Access Bridge lacks html tags parsing + + JDK-8003209: JFR events for network utilization + + JDK-8030680: 292 cleanup from default method code assessment + + JDK-8035633: TEST_BUG: java/net/NetworkInterface/Equals.java + and some tests failed on windows intermittently + + JDK-8041626: Shutdown tracing event + + JDK-8141056: Erroneous assignment in HeapRegionSet.cpp + + JDK-8149338: JVM Crash caused by Marlin renderer not handling + NaN coordinates + + JDK-8151582: (ch) test java/nio/channels/ + /AsyncCloseAndInterrupt.java failing due to "Connection + succeeded" + + JDK-8165675: Trace event for thread park has incorrect unit + for timeout + + JDK-8176182: 4 security tests are not run + + JDK-8178910: Problemlist sample tests + + JDK-8183925: Decouple crash protection from watcher thread + + JDK-8191393: Random crashes during cfree+0x1c + + JDK-8195817: JFR.stop should require name of recording + + JDK-8195818: JFR.start should increase autogenerated name by + one + + JDK-8195819: Remove recording=x from jcmd JFR.check output + + JDK-8199712: Flight Recorder + + JDK-8202578: Revisit location for class unload events + + JDK-8202835: jfr/event/os/TestSystemProcess.java fails on + missing events + + JDK-8203287: Zero fails to build after JDK-8199712 (Flight + Recorder) + + JDK-8203346: JFR: Inconsistent signature of + jfr_add_string_constant + + JDK-8203664: JFR start failure after AppCDS archive created + with JFR StartFlightRecording + + JDK-8203921: JFR thread sampling is missing fixes from + JDK-8194552 + + JDK-8203929: Limit amount of data for JFR.dump + + JDK-8205516: JFR tool + + JDK-8207392: [PPC64] Implement JFR profiling + + JDK-8207829: FlightRecorderMXBeanImpl is leaking the first + classloader which calls it + + JDK-8209960: -Xlog:jfr* doesn't work with the JFR + + JDK-8210024: JFR calls virtual is_Java_thread from ~Thread() + + JDK-8210776: Upgrade X Window System 6.8.2 to the latest XWD + 1.0.7 + + JDK-8211239: Build fails without JFR: empty JFR events + signatures mismatch + + JDK-8212232: Wrong metadata for the configuration of the + cutoff for old object sample events + + JDK-8213015: Inconsistent settings between JFR.configure and + -XX:FlightRecorderOptions + + JDK-8213421: Line number information for execution samples + always 0 + + JDK-8213617: JFR should record the PID of the recorded process + + JDK-8213734: SAXParser.parse(File, ..) does not close + resources when Exception occurs. + + JDK-8213914: [TESTBUG] Several JFR VM events are not covered + by tests + + JDK-8213917: [TESTBUG] Shutdown JFR event is not covered by + test + + JDK-8213966: The ZGC JFR events should be marked as + experimental + + JDK-8214542: JFR: Old Object Sample event slow on a deep heap + in debug builds + + JDK-8214750: Unnecessary

tags in jfr classes + + JDK-8214896: JFR Tool left files behind + + JDK-8214906: [TESTBUG] jfr/event/sampling/TestNative.java + fails with UnsatisfiedLinkError + + JDK-8214925: JFR tool fails to execute + + JDK-8215175: Inconsistencies in JFR event metadata + + JDK-8215237: jdk.jfr.Recording javadoc does not compile + + JDK-8215284: Reduce noise induced by periodic task + getFileSize() + + JDK-8215355: Object monitor deadlock with no threads holding + the monitor (using jemalloc 5.1) + + JDK-8215362: JFR GTest JfrTestNetworkUtilization fails + + JDK-8215771: The jfr tool should pretty print reference chains + + JDK-8216064: -XX:StartFlightRecording:settings= doesn't work + properly + + JDK-8216486: Possibility of integer overflow in + JfrThreadSampler::run() + + JDK-8216528: test/jdk/java/rmi/transport/ + /runtimeThreadInheritanceLeak/ + /RuntimeThreadInheritanceLeak.java failing with Xcomp + + JDK-8216559: [JFR] Native libraries not correctly parsed from + /proc/self/maps + + JDK-8216578: Remove unused/obsolete method in JFR code + + JDK-8216995: Clean up JFR command line processing + + JDK-8217744: [TESTBUG] JFR TestShutdownEvent fails on some + systems due to process surviving SIGINT + + JDK-8217748: [TESTBUG] Exclude TestSig test case from JFR + TestShutdownEvent + + JDK-8218935: Make jfr strncpy uses GCC 8.x friendly + + JDK-8223147: JFR Backport + + JDK-8223689: Add JFR Thread Sampling Support + + JDK-8223690: Add JFR BiasedLock Event Support + + JDK-8223691: Add JFR G1 Region Type Change Event Support + + JDK-8223692: Add JFR G1 Heap Summary Event Support + + JDK-8224172: assert(jfr_is_event_enabled(id)) failed: + invariant + + JDK-8224475: JTextPane does not show images in HTML rendering + + JDK-8226253: JAWS reports wrong number of radio buttons when + buttons are hidden. + + JDK-8226779: [TESTBUG] Test JFR API from Java agent + + JDK-8226892: ActionListeners on JRadioButtons don't get + notified when selection is changed with arrow keys + + JDK-8227011: Starting a JFR recording in response to JVMTI + VMInit and / or Java agent premain corrupts memory + + JDK-8227605: Kitchensink fails "assert((((klass)->trace_id() + & (JfrTraceIdEpoch::leakp_in_use_this_epoch_bit())) != 0)) + failed: invariant" + + JDK-8229366: JFR backport allows unchecked writing to memory + + JDK-8229401: Fix JFR code cache test failures + + JDK-8229708: JFR backport code does not initialize + + JDK-8229873: 8229401 broke jdk8u-jfr-incubator + + JDK-8230448: [test] JFRSecurityTestSuite.java is failing on + Windows + + JDK-8230707: JFR related tests are failing + + JDK-8230782: Robot.createScreenCapture() fails if + "awt.robot.gtk" is set to false + + JDK-8230856: Java_java_net_NetworkInterface_getByName0 on + unix misses ReleaseStringUTFChars in early return + + JDK-8230947: TestLookForUntestedEvents.java is failing after + JDK-8230707 + + JDK-8231995: two jtreg tests failed after 8229366 is fixed + + JDK-8233623: Add classpath exception to copyright in + EventHandlerProxyCreator.java file + + JDK-8236002: CSR for JFR backport suggests not leaving out + the package-info + + JDK-8236008: Some backup files were accidentally left in the + hotspot tree + + JDK-8236074: Missed package-info + + JDK-8236174: Should update javadoc since tags + + JDK-8238076: Fix OpenJDK 7 Bootstrap Broken by JFR Backport + + JDK-8238452: Keytool generates wrong expiration date if + validity is set to 2050/01/01 + + JDK-8238555: Allow Initialization of SunPKCS11 with NSS when + there are external FIPS modules in the NSSDB + + JDK-8238589: Necessary code cleanup in JFR for JDK8u + + JDK-8238590: Enable JFR by default during compilation in 8u + + JDK-8239055: Wrong implementation of VMState.hasListener + + JDK-8239476: JDK-8238589 broke windows build by moving + OrderedPair + + JDK-8239479: minimal1 and zero builds are failing + + JDK-8239867: correct over use of INCLUDE_JFR macro + + JDK-8240375: Disable JFR by default for July 2020 release + + JDK-8241444: Metaspace::_class_vsm not initialized if + compressed class pointers are disabled + + JDK-8241902: AIX Build broken after integration of + JDK-8223147 (JFR Backport) + + JDK-8242788: Non-PCH build is broken after JDK-8191393 + * Import of OpenJDK 8 u262 build 02 + + JDK-8130737: AffineTransformOp can't handle child raster with + non-zero x-offset + + JDK-8172559: [PIT][TEST_BUG] Move @test to be 1st annotation + in java/awt/image/Raster/TestChildRasterOp.java + + JDK-8230926: [macosx] Two apostrophes are entered instead of + one with "U.S. International - PC" layout + + JDK-8240576: JVM crashes after transformation in C2 + IdealLoopTree::merge_many_backedges + + JDK-8242883: Incomplete backport of JDK-8078268: backport + test part + * Import of OpenJDK 8 u262 build 03 + + JDK-8037866: Replace the Fun class in tests with lambdas + + JDK-8146612: C2: Precedence edges specification violated + + JDK-8150986: serviceability/sa/jmap-hprof/ + /JMapHProfLargeHeapTest.java failing because expects HPROF + JAVA PROFILE 1.0.1 file format + + JDK-8229888: (zipfs) Updating an existing zip file does not + preserve original permissions + + JDK-8230597: Update GIFlib library to the 5.2.1 + + JDK-8230769: BufImg_SetupICM add + ReleasePrimitiveArrayCritical call in early return + + JDK-8233880, PR3798: Support compilers with multi-digit major + version numbers + + JDK-8239852: java/util/concurrent tests fail with + -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed: + verification should have failed + + JDK-8241638: launcher time metrics always report 1 on Linux + when _JAVA_LAUNCHER_DEBUG set + + JDK-8243059: Build fails when --with-vendor-name contains a + comma + + JDK-8243474: [TESTBUG] removed three tests of 0 bytes + + JDK-8244461: [JDK 8u] Build fails with glibc 2.32 + + JDK-8244548: JDK 8u: sun.misc.Version.jdkUpdateVersion() + returns wrong result + * Import of OpenJDK 8 u262 build 04 + + JDK-8067796: (process) Process.waitFor(timeout, unit) doesn't + throw NPE if timeout is less than, or equal to zero when unit + == null + + JDK-8148886: SEGV in sun.java2d.marlin.Renderer._endRendering + + JDK-8171934: + ObjectSizeCalculator.getEffectiveMemoryLayoutSpecification() + does not recognize OpenJDK's HotSpot VM + + JDK-8196969: JTreg Failure: + serviceability/sa/ClhsdbJstack.java causes NPE + + JDK-8243539: Copyright info (Year) should be updated for fix + of 8241638 + + JDK-8244777: ClassLoaderStats VM Op uses constant hash value + * Import of OpenJDK 8 u262 build 05 + + JDK-7147060: com/sun/org/apache/xml/internal/security/ + /transforms/ClassLoaderTest.java doesn't run in agentvm mode + + JDK-8178374: Problematic ByteBuffer handling in + CipherSpi.bufferCrypt method + + JDK-8181841: A TSA server returns timestamp with precision + higher than milliseconds + + JDK-8227269: Slow class loading when running with JDWP + + JDK-8229899: Make java.io.File.isInvalid() less racy + + JDK-8236996: Incorrect Roboto font rendering on Windows with + subpixel antialiasing + + JDK-8241750: x86_32 build failure after JDK-8227269 + + JDK-8244407: JVM crashes after transformation in C2 + IdealLoopTree::split_fall_in + + JDK-8244843: JapanEraNameCompatTest fails + * Import of OpenJDK 8 u262 build 06 + + JDK-8246223: Windows build fails after JDK-8227269 + * Import of OpenJDK 8 u262 build 07 + + JDK-8233197: Invert JvmtiExport::post_vm_initialized() and + Jfr:on_vm_start() start-up order for correct option parsing + + JDK-8243541: (tz) Upgrade time-zone data to tzdata2020a + + JDK-8245167: Top package in method profiling shows null in JMC + + JDK-8246703: [TESTBUG] Add test for JDK-8233197 + * Import of OpenJDK 8 u262 build 08 + + JDK-8220293: Deadlock in JFR string pool + + JDK-8225068: Remove DocuSign root certificate that is + expiring in May 2020 + + JDK-8225069: Remove Comodo root certificate that is expiring + in May 2020 + * Import of OpenJDK 8 u262 build 09 + + JDK-8248399: Build installs jfr binary when JFR is disabled + * Import of OpenJDK 8 u262 build 10 + + JDK-8248715: New JavaTimeSupplementary localisation for 'in' + installed in wrong package + * Import of OpenJDK 8 u265 build 01 + + JDK-8249677: Regression in 8u after JDK-8237117: Better + ForkJoinPool behavior + + JDK-8250546: Expect changed behaviour reported in JDK-8249846 + * Import of OpenJDK 8 u272 build 01 + + JDK-8006205: [TESTBUG] NEED_TEST: please JTREGIFY + test/compiler/7177917/Test7177917.java + + JDK-8035493: JVMTI PopFrame capability must instruct + compilers not to prune locals + + JDK-8036088: Replace strtok() with its safe equivalent + strtok_s() in DefaultProxySelector.c + + JDK-8039082: [TEST_BUG] Test java/awt/dnd/ + /BadSerializationTest/BadSerializationTest.java fails + + JDK-8075774: Small readability and performance improvements + for zipfs + + JDK-8132206: move ScanTest.java into OpenJDK + + JDK-8132376: Add @requires os.family to the client tests with + access to internal OS-specific API + + JDK-8132745: minor cleanup of java/util/Scanner/ScanTest.java + + JDK-8137087: [TEST_BUG] Cygwin failure of java/awt/ + /appletviewer/IOExceptionIfEncodedURLTest/ + /IOExceptionIfEncodedURLTest.sh + + JDK-8145808: java/awt/Graphics2D/MTGraphicsAccessTest/ + /MTGraphicsAccessTest.java hangs on Win. 8 + + JDK-8151788: NullPointerException from ntlm.Client.type3 + + JDK-8151834: Test SmallPrimeExponentP.java times out + intermittently + + JDK-8153430: jdk regression test MletParserLocaleTest, + ParserInfiniteLoopTest reduce default timeout + + JDK-8153583: Make OutputAnalyzer.reportDiagnosticSummary + public + + JDK-8156169: Some sound tests rarely hangs because of + incorrect synchronization + + JDK-8165936: Potential Heap buffer overflow when seaching + timezone info files + + JDK-8166148: Fix for JDK-8165936 broke solaris builds + + JDK-8167300: Scheduling failures during gcm should be fatal + + JDK-8167615: Opensource unit/regression tests for JavaSound + + JDK-8172012: [TEST_BUG] delays needed in + javax/swing/JTree/4633594/bug4633594.java + + JDK-8177628: Opensource unit/regression tests for ImageIO + + JDK-8183341: Better cleanup for javax/imageio/AllowSearch.java + + JDK-8183351: Better cleanup for jdk/test/javax/imageio/spi/ + /AppletContextTest/BadPluginConfigurationTest.sh + + JDK-8193137: Nashorn crashes when given an empty script file + + JDK-8194298: Add support for per Socket configuration of TCP + keepalive + + JDK-8198004: javax/swing/JFileChooser/6868611/bug6868611.java + throws error + + JDK-8200313: java/awt/Gtk/GtkVersionTest/GtkVersionTest.java + fails + + JDK-8210147: adjust some WSAGetLastError usages in windows + network coding + + JDK-8211714: Need to update vm_version.cpp to recognise + VS2017 minor versions + + JDK-8214862: assert(proj != __null) at compile.cpp:3251 + + JDK-8217606: LdapContext#reconnect always opens a new + connection + + JDK-8217647: JFR: recordings on 32-bit systems unreadable + + JDK-8226697: Several tests which need the @key headful + keyword are missing it. + + JDK-8229378: jdwp library loader in linker_md.c quietly + truncates on buffer overflow + + JDK-8230303: JDB hangs when running monitor command + + JDK-8230711: ConnectionGraph::unique_java_object(Node* N) + return NULL if n is not in the CG + + JDK-8234617: C1: Incorrect result of field load due to + missing narrowing conversion + + JDK-8235243: handle VS2017 15.9 and VS2019 in + abstract_vm_version + + JDK-8235325: build failure on Linux after 8235243 + + JDK-8235687: Contents/MacOS/libjli.dylib cannot be a symlink + + JDK-8237951: CTW: C2 compilation fails with "malformed + control flow" + + JDK-8238225: Issues reported after replacing symlink at + Contents/MacOS/libjli.dylib with binary + + JDK-8239385: KerberosTicket client name refers wrongly to + sAMAccountName in AD + + JDK-8239819: XToolkit: Misread of screen information memory + + JDK-8240295: hs_err elapsed time in seconds is not accurate + enough + + JDK-8241888: Mirror jdk.security.allowNonCaAnchor system + property with a security one + + JDK-8242498: Invalid "sun.awt.TimedWindowEvent" object leads + to JVM crash + + JDK-8243489: Thread CPU Load event may contain wrong data for + CPU time under certain conditions + + JDK-8244818: Java2D Queue Flusher crash while moving + application window to external monitor + + JDK-8246310: Clean commented-out code about ModuleEntry + and PackageEntry in JFR + + JDK-8246384: Enable JFR by default on supported architectures + for October 2020 release + + JDK-8248643: Remove extra leading space in JDK-8240295 8u + backport + + JDK-8249610: Make + sun.security.krb5.Config.getBooleanObject(String... keys) + method public + * Import of OpenJDK 8 u272 build 02 + + JDK-8023697: failed class resolution reports different class + name in detail message for the first and subsequent times + + JDK-8025886: replace [[ and == bash extensions in regtest + + JDK-8046274: Removing dependency on jakarta-regexp + + JDK-8048933: -XX:+TraceExceptions output should include the + message + + JDK-8076151: [TESTBUG] Test java/awt/FontClass/CreateFont/ + /fileaccess/FontFile.java fails + + JDK-8148854: Class names "SomeClass" and "LSomeClass;" + treated by JVM as an equivalent + + JDK-8154313: Generated javadoc scattered all over the place + + JDK-8163251: Hard coded loop limit prevents reading of smart + card data greater than 8k + + JDK-8173300: [TESTBUG]compiler/tiered/NonTieredLevelsTest.java + fails with compiler.whitebox.SimpleTestCaseHelper(int) must be + compiled + + JDK-8183349: Better cleanup for jdk/test/javax/imageio/ + /plugins/shared/CanWriteSequence.java and WriteAfterAbort.java + + JDK-8191678: [TESTBUG] Add keyword headful in java/awt + FocusTransitionTest test. + + JDK-8201633: Problems with AES-GCM native acceleration + + JDK-8211049: Second parameter of "initialize" method is not + used + + JDK-8219566: JFR did not collect call stacks when + MaxJavaStackTraceDepth is set to zero + + JDK-8220165: Encryption using GCM results in + RuntimeException- input length out of bound + + JDK-8220555: JFR tool shows potentially misleading message + when it cannot access a file + + JDK-8224217: RecordingInfo should use textual representation + of path + + JDK-8231779: crash + HeapWord*ParallelScavengeHeap::failed_mem_allocate + + JDK-8238380, PR3798: java.base/unix/native/libjava/childproc.c + "multiple definition" link errors with GCC10 + + JDK-8238386, PR3798: (sctp) jdk.sctp/unix/native/libsctp/ + /SctpNet.c "multiple definition" link errors with GCC10 + + JDK-8238388, PR3798: libj2gss/NativeFunc.o "multiple + definition" link errors with GCC10 + + JDK-8242556: Cannot load RSASSA-PSS public key with non-null + params from byte array + + JDK-8250755: Better cleanup for jdk/test/javax/imageio/ + /plugins/shared/CanWriteSequence.java + * Import of OpenJDK 8 u272 build 03 + + JDK-6574989: TEST_BUG: + javax/sound/sampled/Clip/bug5070081.java fails sometimes + + JDK-8148754: C2 loop unrolling fails due to unexpected graph + shape + + JDK-8192953: sun/management/jmxremote/bootstrap/*.sh tests + fail with error : revokeall.exe: Permission denied + + JDK-8203357: Container Metrics + + JDK-8209113: Use WeakReference for lastFontStrike for created + Fonts + + JDK-8216283: Allow shorter method sampling interval than 10 ms + + JDK-8221569: JFR tool produces incorrect output when both + --categories and --events are specified + + JDK-8233097: Fontmetrics for large Fonts has zero width + + JDK-8248851: CMS: Missing memory fences between free chunk + check and klass read + + JDK-8250875: Incorrect parameter type for update_number in + JDK_Version::jdk_update + * Import of OpenJDK 8 u272 build 04 + + JDK-8061616: HotspotDiagnosticMXBean.getVMOption() throws + IllegalArgumentException for flags of type double + + JDK-8177334: Update xmldsig implementation to Apache + Santuario 2.1.1 + + JDK-8217878: ENVELOPING XML signature no longer works in JDK + 11 + + JDK-8218629: XML Digital Signature throws NAMESPACE_ERR + exception on OpenJDK 11, works 8/9/10 + + JDK-8243138: Enhance BaseLdapServer to support starttls + extended request + * Import of OpenJDK 8 u272 build 05 + + JDK-8026236: Add PrimeTest for BigInteger + + JDK-8057003: Large reference arrays cause extremely long + synchronization times + + JDK-8060721: Test runtime/SharedArchiveFile/ + /LimitSharedSizes.java fails in jdk 9 fcs new + platforms/compiler + + JDK-8152077: (cal) Calendar.roll does not always roll the + hours during daylight savings + + JDK-8168517: java/lang/ProcessBuilder/Basic.java failed + + JDK-8211163: UNIX version of Java_java_io_Console_echo does + not return a clean boolean + + JDK-8220674: [TESTBUG] MetricsMemoryTester failcount test in + docker container only works with debug JVMs + + JDK-8231213: Migrate SimpleDateFormatConstTest to JDK Repo + + JDK-8236645: JDK 8u231 introduces a regression with + incompatible handling of XML messages + + JDK-8240676: Meet not symmetric failure when running lucene + on jdk8 + + JDK-8243321: Add Entrust root CA - G4 to Oracle Root CA + program + + JDK-8249158: THREAD_START and THREAD_END event posted in + primordial phase + + JDK-8250627: Use -XX:+/-UseContainerSupport for + enabling/disabling Java container metrics + + JDK-8251546: 8u backport of JDK-8194298 breaks AIX and + Solaris builds + + JDK-8252084: Minimal VM fails to bootcycle: undefined symbol: + AgeTableTracer::is_tenuring_distribution_event_enabled + * Import of OpenJDK 8 u272 build 06 + + JDK-8064319: Need to enable -XX:+TraceExceptions in release + builds + + JDK-8080462, PR3801: Update SunPKCS11 provider with PKCS11 + v2.40 support + + JDK-8160768: Add capability to custom resolve host/domain + names within the default JNDI LDAP provider + + JDK-8161973: PKIXRevocationChecker.getSoftFailExceptions() + not working + + JDK-8169925, PR3801: PKCS #11 Cryptographic Token Interface + license + + JDK-8184762: ZapStackSegments should use optimized memset + + JDK-8193234: When using -Xcheck:jni an internally allocated + buffer can leak + + JDK-8219919: RuntimeStub name lost with + PrintFrameConverterAssembly + + JDK-8220313: [TESTBUG] Update base image for Docker testing + to OL 7.6 + + JDK-8222079: Don't use memset to initialize fields decode_env + constructor in disassembler.cpp + + JDK-8225695: 32-bit build failures after JDK-8080462 (Update + SunPKCS11 provider with PKCS11 v2.40 support) + + JDK-8226575: OperatingSystemMXBean should be made container + aware + + JDK-8226809: Circular reference in printed stack trace is not + correctly indented & ambiguous + + JDK-8228835: Memory leak in PKCS11 provider when using AES GCM + + JDK-8233621: Mismatch in jsse.enableMFLNExtension property + name + + JDK-8238898, PR3801: Missing hash characters for header on + license file + + JDK-8243320: Add SSL root certificates to Oracle Root CA + program + + JDK-8244151: Update MUSCLE PC/SC-Lite headers to the latest + release 1.8.26 + + JDK-8245467: Remove 8u TLSv1.2 implementation files + + JDK-8245469: Remove DTLS protocol implementation + + JDK-8245470: Fix JDK8 compatibility issues + + JDK-8245471: Revert JDK-8148188 + + JDK-8245472: Backport JDK-8038893 to JDK8 + + JDK-8245473: OCSP stapling support + + JDK-8245474: Add TLS_KRB5 cipher suites support according to + RFC-2712 + + JDK-8245476: Disable TLSv1.3 protocol in the ClientHello + message by default + + JDK-8245477: Adjust TLS tests location + + JDK-8245653: Remove 8u TLS tests + + JDK-8245681: Add TLSv1.3 regression test from 11.0.7 + + JDK-8251117: Cannot check P11Key size in P11Cipher and + P11AEADCipher + + JDK-8251120, PR3793: [8u] HotSpot build assumes ENABLE_JFR is + set to either true or false + + JDK-8251341: Minimal Java specification change + + JDK-8251478: Backport TLSv1.3 regression tests to JDK8u + * Import of OpenJDK 8 u272 build 07 + + JDK-8246193: Possible NPE in ENC-PA-REP search in AS-REQ + * Import of OpenJDK 8 u272 build 08 + + JDK-8062947: Fix exception message to correctly represent + LDAP connection failure + + JDK-8151678: com/sun/jndi/ldap/LdapTimeoutTest.java failed + due to timeout on DeadServerNoTimeoutTest is incorrect + + JDK-8252573: 8u: Windows build failed after 8222079 backport + * Import of OpenJDK 8 u272 build 09 + + JDK-8252886: [TESTBUG] sun/security/ec/TestEC.java : + Compilation failed + * Import of OpenJDK 8 u272 build 10 + + JDK-8254673: Call to JvmtiExport::post_vm_start() was removed + by the fix for JDK-8249158 + + JDK-8254937: Revert JDK-8148854 for 8u272 + * Backports + + JDK-8038723, PR3806: Openup some PrinterJob tests + + JDK-8041480, PR3806: ArrayIndexOutOfBoundsException when + JTable contains certain string + + JDK-8058779, PR3805: Faster implementation of + String.replace(CharSequence, CharSequence) + + JDK-8130125, PR3806: [TEST_BUG] add @modules to the several + client tests unaffected by the automated bulk update + + JDK-8144015, PR3806: [PIT] failures of text layout font tests + + JDK-8144023, PR3806: [PIT] failure of text measurements in + javax/swing/text/html/parser/Parser/6836089/bug6836089.java + + JDK-8144240, PR3806: [macosx][PIT] AIOOB in + closed/javax/swing/text/GlyphPainter2/6427244/bug6427244.java + + JDK-8145542, PR3806: The case failed automatically and thrown + java.lang.ArrayIndexOutOfBoundsException exception + + JDK-8151725, PR3806: [macosx] ArrayIndexOOB exception when + displaying Devanagari text in JEditorPane + + JDK-8152358, PR3800: code and comment cleanups found during + the hunt for 8077392 + + JDK-8152545, PR3804: Use preprocessor instead of compiling a + program to generate native nio constants + + JDK-8152680, PR3806: Regression in + GlyphVector.getGlyphCharIndex behaviour + + JDK-8158924, PR3806: Incorrect i18n text document layout + + JDK-8166003, PR3806: [PIT][TEST_BUG] missing helper for + javax/swing/text/GlyphPainter2/6427244/bug6427244.java + + JDK-8166068, PR3806: test/java/awt/font/GlyphVector/ + /GetGlyphCharIndexTest.java does not compile + + JDK-8169879, PR3806: [TEST_BUG] javax/swing/text/ + /GlyphPainter2/6427244/bug6427244.java - compilation failed + + JDK-8191512, PR3806: T2K font rasterizer code removal + + JDK-8191522, PR3806: Remove Bigelow&Holmes Lucida fonts from + JDK sources + + JDK-8236512, PR3801: PKCS11 Connection closed after + Cipher.doFinal and NoPadding + + JDK-8254177, PR3809: (tz) Upgrade time-zone data to + tzdata2020b + * Bug fixes + + PR3798: Fix format-overflow error on GCC 10, caused by + passing NULL to a '%s' directive + + PR3795: ECDSAUtils for XML digital signatures should support + the same curve set as the rest of the JDK + + PR3799: Adapt elliptic curve patches to JDK-8245468: Add + TLSv1.3 implementation classes from 11.0.7 + + PR3808: IcedTea does not install the JFR *.jfc files + + PR3810: Enable JFR on x86 (32-bit) now that JDK-8252096 has + fixed its use with Shenandoah + + PR3811: Don't attempt to install JFR files when JFR is + disabled + * Shenandoah + + [backport] 8221435: Shenandoah should not mark through weak + roots + + [backport] 8221629: Shenandoah: Cleanup class unloading logic + + [backport] 8222992: Shenandoah: Pre-evacuate all roots + + [backport] 8223215: Shenandoah: Support verifying subset of + roots + + [backport] 8223774: Shenandoah: Refactor + ShenandoahRootProcessor and family + + [backport] 8224210: Shenandoah: Refactor + ShenandoahRootScanner to support scanning CSet codecache roots + + [backport] 8224508: Shenandoah: Need to update thread roots + in final mark for piggyback ref update cycle + + [backport] 8224579: ResourceMark not declared in + shenandoahRootProcessor.inline.hpp with + --disable-precompiled-headers + + [backport] 8224679: Shenandoah: Make + ShenandoahParallelCodeCacheIterator noncopyable + + [backport] 8224751: Shenandoah: Shenandoah Verifier should + select proper roots according to current GC cycle + + [backport] 8225014: Separate ShenandoahRootScanner method for + object_iterate + + [backport] 8225216: gc/logging/TestMetaSpaceLog.java doesn't + work for Shenandoah + + [backport] 8225573: Shenandoah: Enhance ShenandoahVerifier to + ensure roots to-space invariant + + [backport] 8225590: Shenandoah: Refactor + ShenandoahClassLoaderDataRoots API + + [backport] 8226413: Shenandoah: Separate root scanner for + SH::object_iterate() + + [backport] 8230853: Shenandoah: replace leftover + assert(is_in(...)) with rich asserts + + [backport] 8231198: Shenandoah: heap walking should visit all + roots most of the time + + [backport] 8231244: Shenandoah: all-roots heap walking misses + some weak roots + + [backport] 8237632: Shenandoah: accept NULL fwdptr to + cooperate with JVMTI and JFR + + [backport] 8239786: Shenandoah: print per-cycle statistics + + [backport] 8239926: Shenandoah: Shenandoah needs to mark + nmethod's metadata + + [backport] 8240671: Shenandoah: refactor + ShenandoahPhaseTimings + + [backport] 8240749: Shenandoah: refactor ShenandoahUtils + + [backport] 8240750: Shenandoah: remove leftover files and + mentions of ShenandoahAllocTracker + + [backport] 8240868: Shenandoah: remove CM-with-UR + piggybacking cycles + + [backport] 8240872: Shenandoah: Avoid updating new regions + from start of evacuation + + [backport] 8240873: Shenandoah: Short-cut arraycopy barriers + + [backport] 8240915: Shenandoah: Remove unused fields in init + mark tasks + + [backport] 8240948: Shenandoah: cleanup not-forwarded-objects + paths after JDK-8240868 + + [backport] 8241007: Shenandoah: remove + ShenandoahCriticalControlThreadPriority support + + [backport] 8241062: Shenandoah: rich asserts trigger "empty + statement" inspection + + [backport] 8241081: Shenandoah: Do not modify + update-watermark concurrently + + [backport] 8241093: Shenandoah: editorial changes in flag + descriptions + + [backport] 8241139: Shenandoah: distribute mark-compact work + exactly to minimize fragmentation + + [backport] 8241142: Shenandoah: should not use parallel + reference processing with single GC thread + + [backport] 8241351: Shenandoah: fragmentation metrics overhaul + + [backport] 8241435: Shenandoah: avoid disabling pacing with + "aggressive" + + [backport] 8241520: Shenandoah: simplify region sequence + numbers handling + + [backport] 8241534: Shenandoah: region status should include + update watermark + + [backport] 8241574: Shenandoah: remove + ShenandoahAssertToSpaceClosure + + [backport] 8241583: Shenandoah: turn heap lock asserts into + macros + + [backport] 8241668: Shenandoah: make ShenandoahHeapRegion not + derive from ContiguousSpace + + [backport] 8241673: Shenandoah: refactor anti-false-sharing + padding + + [backport] 8241675: Shenandoah: assert(n->outcnt() > 0) at + shenandoahSupport.cpp:2858 with + java/util/Collections/FindSubList.java + + [backport] 8241692: Shenandoah: remove + ShenandoahHeapRegion::_reserved + + [backport] 8241700: Shenandoah: Fold + ShenandoahKeepAliveBarrier flag into ShenandoahSATBBarrier + + [backport] 8241740: Shenandoah: remove + ShenandoahHeapRegion::_heap + + [backport] 8241743: Shenandoah: refactor and inline + ShenandoahHeap::heap() + + [backport] 8241748: Shenandoah: inline MarkingContext TAMS + methods + + [backport] 8241838: Shenandoah: no need to trash cset during + final mark + + [backport] 8241841: Shenandoah: ditch one of allocation type + counters in ShenandoahHeapRegion + + [backport] 8241842: Shenandoah: inline + ShenandoahHeapRegion::region_number + + [backport] 8241844: Shenandoah: rename + ShenandoahHeapRegion::region_number + + [backport] 8241845: Shenandoah: align ShenandoahHeapRegions + to cache lines + + [backport] 8241926: Shenandoah: only print heap changes for + operations that directly affect it + + [backport] 8241983: Shenandoah: simplify FreeSet logging + + [backport] 8241985: Shenandoah: simplify collectable garbage + logging + + [backport] 8242040: Shenandoah: print allocation failure type + + [backport] 8242041: Shenandoah: adaptive heuristics should + account evac reserve in free target + + [backport] 8242042: Shenandoah: tune down + ShenandoahGarbageThreshold + + [backport] 8242054: Shenandoah: New incremental-update mode + + [backport] 8242075: Shenandoah: rename + ShenandoahHeapRegionSize flag + + [backport] 8242082: Shenandoah: Purge Traversal mode + + [backport] 8242083: Shenandoah: split "Prepare Evacuation" + tracking into cset/freeset counters + + [backport] 8242089: Shenandoah: per-worker stats should be + summed up, not averaged + + [backport] 8242101: Shenandoah: coalesce and parallelise heap + region walks during the pauses + + [backport] 8242114: Shenandoah: remove + ShenandoahHeapRegion::reset_alloc_metadata_to_shared + + [backport] 8242130: Shenandoah: Simplify arraycopy-barrier + dispatching + + [backport] 8242211: Shenandoah: remove + ShenandoahHeuristics::RegionData::_seqnum_last_alloc + + [backport] 8242212: Shenandoah: initialize + ShenandoahHeuristics::_region_data eagerly + + [backport] 8242213: Shenandoah: remove + ShenandoahHeuristics::_bytes_in_cset + + [backport] 8242217: Shenandoah: Enable GC mode to be + diagnostic/experimental and have a name + + [backport] 8242227: Shenandoah: transit regions to cset state + when adding to collection set + + [backport] 8242228: Shenandoah: remove unused + ShenandoahCollectionSet methods + + [backport] 8242229: Shenandoah: inline ShenandoahHeapRegion + liveness-related methods + + [backport] 8242267: Shenandoah: regions space needs to be + aligned by os::vm_allocation_granularity() + + [backport] 8242271: Shenandoah: add test to verify GC mode + unlock + + [backport] 8242273: Shenandoah: accept either SATB or IU + barriers, but not both + + [backport] 8242301: Shenandoah: Inline LRB runtime call + + [backport] 8242316: Shenandoah: Turn NULL-check into assert + in SATB slow-path entry + + [backport] 8242353: Shenandoah: micro-optimize region + liveness handling + + [backport] 8242365: Shenandoah: use uint16_t instead of + jushort for liveness cache + + [backport] 8242375: Shenandoah: Remove + ShenandoahHeuristic::record_gc_start/end methods + + [backport] 8242641: Shenandoah: clear live data and update + TAMS optimistically + + [backport] 8243238: Shenandoah: explicit GC request should + wait for a complete GC cycle + + [backport] 8243301: Shenandoah: ditch + ShenandoahAllowMixedAllocs + + [backport] 8243307: Shenandoah: remove + ShCollectionSet::live_data + + [backport] 8243395: Shenandoah: demote guarantee in + ShenandoahPhaseTimings::record_workers_end + + [backport] 8243463: Shenandoah: ditch total_pause counters + + [backport] 8243464: Shenandoah: print statistic counters in + time order + + [backport] 8243465: Shenandoah: ditch unused pause_other, + conc_other counters + + [backport] 8243487: Shenandoah: make _num_phases illegal + phase type + + [backport] 8243494: Shenandoah: set counters once per cycle + + [backport] 8243573: Shenandoah: rename GCParPhases and + related code + + [backport] 8243848: Shenandoah: Windows build fails after + JDK-8239786 + + [backport] 8244180: Shenandoah: carry Phase to + ShWorkerTimingsTracker explicitly + + [backport] 8244200: Shenandoah: build breakages after + JDK-8241743 + + [backport] 8244226: Shenandoah: per-cycle statistics contain + worker data from previous cycles + + [backport] 8244326: Shenandoah: global statistics should not + accept bogus samples + + [backport] 8244509: Shenandoah: refactor + ShenandoahBarrierC2Support::test_* methods + + [backport] 8244551: Shenandoah: Fix racy update of + update_watermark + + [backport] 8244667: Shenandoah: SBC2Support::test_gc_state + takes loop for wrong control + + [backport] 8244730: Shenandoah: gc/shenandoah/options/ + /TestHeuristicsUnlock.java should only verify the heuristics + + [backport] 8244732: Shenandoah: move heuristics code to + gc/shenandoah/heuristics + + [backport] 8244737: Shenandoah: move mode code to + gc/shenandoah/mode + + [backport] 8244739: Shenandoah: break superclass dependency + on ShenandoahNormalMode + + [backport] 8244740: Shenandoah: rename ShenandoahNormalMode + to ShenandoahSATBMode + + [backport] 8245461: Shenandoah: refine mode name()-s + + [backport] 8245463: Shenandoah: refine ShenandoahPhaseTimings + constructor arguments + + [backport] 8245464: Shenandoah: allocate collection set + bitmap at lower addresses + + [backport] 8245465: Shenandoah: test_in_cset can use more + efficient encoding + + [backport] 8245726: Shenandoah: lift/cleanup + ShenandoahHeuristics names and properties + + [backport] 8245754: Shenandoah: ditch ShenandoahAlwaysPreTouch + + [backport] 8245757: Shenandoah: AlwaysPreTouch should not + disable heap resizing or uncommits + + [backport] 8245773: Shenandoah: Windows assertion failure + after JDK-8245464 + + [backport] 8245812: Shenandoah: compute root phase parallelism + + [backport] 8245814: Shenandoah: reconsider format specifiers + for stats + + [backport] 8245825: Shenandoah: Remove diagnostic flag + ShenandoahConcurrentScanCodeRoots + + [backport] 8246162: Shenandoah: full GC does not mark code + roots when class unloading is off + + [backport] 8247310: Shenandoah: pacer should not affect + interrupt status + + [backport] 8247358: Shenandoah: reconsider free budget slice + for marking + + [backport] 8247367: Shenandoah: pacer should wait on lock + instead of exponential backoff + + [backport] 8247474: Shenandoah: Windows build warning after + JDK-8247310 + + [backport] 8247560: Shenandoah: heap iteration holds root + locks all the time + + [backport] 8247593: Shenandoah: should not block pacing + reporters + + [backport] 8247751: Shenandoah: options tests should run with + smaller heaps + + [backport] 8247754: Shenandoah: mxbeans tests can be shorter + + [backport] 8247757: Shenandoah: split heavy tests by + heuristics to improve parallelism + + [backport] 8247860: Shenandoah: add update watermark line in + rich assert failure message + + [backport] 8248041: Shenandoah: pre-Full GC root updates may + miss some roots + + [backport] 8248652: Shenandoah: SATB buffer handling may + assume no forwarded objects + + [backport] 8249560: Shenandoah: Fix racy GC request handling + + [backport] 8249649: Shenandoah: provide per-cycle pacing stats + + [backport] 8249801: Shenandoah: Clear soft-refs on requested + GC cycle + + [backport] 8249953: Shenandoah: gc/shenandoah/mxbeans tests + should account for corner cases + + Fix slowdebug build after JDK-8230853 backport + + JDK-8252096: Shenandoah: adjust SerialPageShiftCount for + x86_32 and JFR + + JDK-8252366: Shenandoah: revert/cleanup changes in + graphKit.cpp + + Shenandoah: add JFR roots to root processor after JFR + integration + + Shenandoah: add root statistics for string dedup table/queues + + Shenandoah: enable low-frequency STW class unloading + + Shenandoah: fix build failures after JDK-8244737 backport + + Shenandoah: Fix build failure with +JFR -PCH + + Shenandoah: fix forceful pacer claim + + Shenandoah: fix formats in + ShenandoahStringSymbolTableUnlinkTask + + Shenandoah: fix runtime linking failure due to non-compiled + shenandoahBarrierSetC1 + + Shenandoah: hook statistics printing to PrintGCDetails, not + PrintGC + + Shenandoah: JNI weak roots are always cleared before Full GC + mark + + Shenandoah: missing SystemDictionary roots in + ShenandoahHeapIterationRootScanner + + Shenandoah: move barrier sets to their proper locations + + Shenandoah: move parallelCleaning.* to shenandoah/ + + Shenandoah: pacer should use proper Atomics for intptr_t + + Shenandoah: properly deallocates class loader metadata + + Shenandoah: specialize String Table scans for better pause + performance + + Shenandoah: Zero build fails after recent Atomic cleanup in + Pacer + * AArch64 port + + JDK-8161072, PR3797: AArch64: jtreg + compiler/uncommontrap/TestDeoptOOM failure + + JDK-8171537, PR3797: aarch64: compiler/c1/Test6849574.java + generates guarantee failure in C1 + + JDK-8183925, PR3797: [AArch64] Decouple crash protection from + watcher thread + + JDK-8199712, PR3797: [AArch64] Flight Recorder + + JDK-8203481, PR3797: Incorrect constraint for unextended_sp + in frame:safe_for_sender + + JDK-8203699, PR3797: java/lang/invoke/SpecialInterfaceCall + fails with SIGILL on aarch64 + + JDK-8209413, PR3797: AArch64: NPE in clhsdb jstack command + + JDK-8215961, PR3797: jdk/jfr/event/os/TestCPUInformation.java + fails on AArch64 + + JDK-8216989, PR3797: + CardTableBarrierSetAssembler::gen_write_ref_array_post_barrier() + does not check for zero length on AARCH64 + + JDK-8217368, PR3797: AArch64: C2 recursive stack locking + optimisation not triggered + + JDK-8221658, PR3797: aarch64: add necessary predicate for + ubfx patterns + + JDK-8237512, PR3797: AArch64: aarch64TestHook leaks a + BufferBlob + + JDK-8246482, PR3797: Build failures with +JFR -PCH + + JDK-8247979, PR3797: aarch64: missing side effect of killing + flags for clearArray_reg_reg + + JDK-8248219, PR3797: aarch64: missing memory barrier in + fast_storefield and fast_accessfield +- Modified patch: + * java-atk-wrapper-security.patch + + rediff to changed context + +------------------------------------------------------------------- +Fri May 29 09:36:42 UTC 2020 - Josef Cejka + +- Ignore whitespaces after the header or footer in PEM X.509 cert + (bsc#1171352) + + JDK_1_8_0-8208602.patch + +------------------------------------------------------------------- +Mon May 4 08:01:35 UTC 2020 - Fridrich Strba + +- Update to version jdk8u252 (icedtea 3.16.0) (April 2020 CPU, + bsc#1169511) + * Security fixes + + JDK-8223898, CVE-2020-2754: Forward references to Nashorn + + JDK-8223904, CVE-2020-2755: Improve Nashorn matching + + JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs + + JDK-8224549, CVE-2020-2757: Less Blocking Array Queues + + JDK-8225603: Enhancement for big integers + + JDK-8227542: Manifest improved jar headers + + JDK-8231415, CVE-2020-2773: Better signatures in XML + + JDK-8233250: Better X11 rendering + + JDK-8233410: Better Build Scripting + + JDK-8234027: Better JCEKS key support + + JDK-8234408, CVE-2020-2781: Improve TLS session handling + + JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers + + JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers + + JDK-8235274, CVE-2020-2805: Enhance typing of methods + + JDK-8236201, CVE-2020-2830: Better Scanner conversions + + JDK-8238960: linux-i586 builds are inconsistent as the newly + build jdk is not able to reserve enough space for object heap + * Import of OpenJDK 8 u252 build 01 + + JDK-8028480: (zipfs) NoSuchFileException on creating a file + in ZipFileSystem with CREATE and WRITE + + JDK-8031191: Warning exception when XMLSignature logging is + enabled + + JDK-8034773: (zipfs) newOutputstream uses CREATE_NEW when no + options specified + + JDK-8038431: Close InputStream when finished retrieving XML + Signature HTTP References + + JDK-8041620: Solaris Studio 12.4 C++ 5.13 change in behavior + for placing friend declarations within surrounding scope. + + JDK-8046044: Fix raw and unchecked lint warnings in XML + Signature Impl + + JDK-8056313: TEST_BUG: java/util/Timer/NameConstructors.java + fails intermittently + + JDK-8144732: VM_HeapDumper hits assert with bad dump_len + + JDK-8150432: LocaleProviders.sh fails + + JDK-8150460: (linux|bsd|aix)_close.c: file descriptor table + may become large or may not work at all + + JDK-8216354: Syntax error in toolchain_windows.m4 + + JDK-8218553: Enhance keystore load debug output + + JDK-8218580: endpoint identification algorithm should be + case-insensitive + + JDK-8227397: Add --with-extra-asflags configure option + + JDK-8227662: freetype seeks to index at the end of the font + data + + JDK-8231201: hs_err should print coalesced safepoint + operations in Events section + + JDK-8231991: Mouse wheel change focus on awt/swing windows + + JDK-8232003: (fs) Files.write can leak file descriptor in the + exception case + + JDK-8232154: Update Mesa 3-D Headers to version 19.2.1 + + JDK-8232355: Two obsolete flags have the wrong obsolete + version in 8u + + JDK-8233023: assert(Opcode() == mem->Opcode() || + phase->C->get_alias_index(adr_type()) == Compile::AliasIdxRaw) + failed: no mismatched stores, except on raw memory + + JDK-8233404: System property to set the number of PBE + iterations in JCEKS keystores + + JDK-8234107: Several AWT modal dialog tests failing on Linux + after JDK-8231991 + + JDK-8234264: Incorrect 8047434 JDK 8 backport in 8219677 + + JDK-8234288: Turkey Time Zone returns incorrect time zone name + + JDK-8235637: jhsdb jmap from OpenJDK 11.0.5 doesn't work if + prelink is enabled + + JDK-8236873: Worker has a deadlock bug + + JDK-8237523: 8u backport of JDK-8216354 didn't include + generated-configure.sh changes + * Import of OpenJDK 8 u252 build 02 + + JDK-7143743: Potential memory leak with zip provider + + JDK-8033215: clang: node.cpp:284 IDX_INIT macro use + uninitialized field _out + + JDK-8143849: Integrate Marlin renderer per JEP 265 + + JDK-8146792: Predicate moved after partial peel may lead to + broken graph + + JDK-8193255: Root Certificates should be stored in text + format and assembled at build time + + JDK-8233995: java.vm.vendor (and potentially other + properties/fields) not correctly set in Windows/Hotspot build + of OpenJDK8 + + JDK-8235142: JDK-8193255 backport broke bootstrap with JDK 10 + * Import of OpenJDK 8 u252 build 03 + + JDK-8005819: Support cross-realm MSSFU + + JDK-8046724: XML Signature ECKeyValue elements cannot be + marshalled or unmarshalled + + JDK-8079140: IgnoreAllErrorHandler should use doPrivileged + when it reads system properties + + JDK-8134579: [TESTBUG] Some bmi tests fail if + can_access_local_variables is on. + + JDK-8145055: Marlin renderer causes unaligned write accesses + + JDK-8145849: ALPN: getHandshakeApplicationProtocol() always + return null + + JDK-8146293: Add support for RSASSA-PSS Signature algorithm + + JDK-8158978: ALPN not working when values are set directly on + a SSLServerSocket + + JDK-8162723: Array index overflow in Base64 utility class + + JDK-8170282: Enable ALPN parameters to be supplied during the + TLS handshake + + JDK-8171443: (spec) An ALPN callback function may also ignore + ALPN + + JDK-8175029: StackOverflowError in X509CRL and + X509Certificate.verify(PublicKey, Provider) + + JDK-8200400: Restrict Sasl mechanisms + + JDK-8205445: Add RSASSA-PSS Signature support to SunMSCAPI + + JDK-8205720: KeyFactory#getKeySpec and translateKey throws + NullPointerException with Invalid key + + JDK-8206171: Signature#getParameters for RSASSA-PSS throws + ProviderException when not initialized + + JDK-8213009: Refactoring existing SunMSCAPI classes + + JDK-8213010: Supporting keys created with certmgr.exe + + JDK-8214096: sun.security.util.SignatureUtil passes null + parameter, so JCE validation fails + + JDK-8215694: keytool cannot generate RSASSA-PSS certificates + + JDK-8216039: TLS with BC and RSASSA-PSS breaks + ECDHServerKeyExchange + + JDK-8221407: Windows 32bit build error in + libsunmscapi/security.cpp + + JDK-8223003: SunMSCAPI keys are not cleaned up + + JDK-8223063: Support CNG RSA keys + + JDK-8223158: Docked MacBook cannot start any Java Swing + applications + + JDK-8225180: SignedObject with invalid Key not throwing the + InvalidKeyException in Windows + + JDK-8225392: Comparison builds are failing due to cacerts file + + JDK-8225745: NoSuchAlgorithmException exception for + SHA256withECDSA with RSASSA-PSS support + + JDK-8229767: Typo in java.security: Sasl.createClient and + Sasl.createServer + + JDK-8230977: JEP 244/8051498 - TLS Application-Layer Protocol + Negotiation Extension (Java SE 8) + + JDK-8230978: Add support for RSASSA-PSS Signature algorithm + (Java SE 8) + + JDK-8234245: sun/security/lib/cacerts/VerifyCACerts.java + fails due to wrong checksum + + JDK-8236470: Deal with ECDSA using ecdsa-with-SHA2 plus hash + algorithm as AlgorithmId + + JDK-8238502: sunmscapi.dll causing EXCEPTION_ACCESS_VIOLATION + * Import of OpenJDK 8 u252 build 04 + + JDK-8047212: + runtime/ParallelClassLoading/bootstrap/random/inner-complex + assert(ObjectSynchronizer::verify_objmon_isinpool(inf)) + failed: monitor is invalid + + JDK-8135318: CMS wrong max_eden_size for + check_gc_overhead_limit + + JDK-8144445: Maximum size checking in Marlin ArrayCache + utility methods is not optimal + + JDK-8144446: Automate the Marlin crash test + + JDK-8144630: Use PrivilegedAction to create Thread in Marlin + RendererStats + + JDK-8215756: Memory leaks in the AWT on macOS + + JDK-8219244: NMT: Change ThreadSafepointState's allocation + type from mtInternal to mtThread + + JDK-8225128: Add exception for expiring DocuSign root to + VerifyCACerts test + + JDK-8229345: Memory leak due to vtable stubs not being shared + on SPARC + + JDK-8229872: (fs) Increase buffer size used with getmntent + + JDK-8236179: C1 register allocation error with T_ADDRESS + + JDK-8237368: Problem with NullPointerException in RMI + TCPEndpoint.read + * Import of OpenJDK 8 u252 build 05 + + JDK-8022263: use same Clang warnings on BSD as on Linux + + JDK-8055283: Expand ResourceHashtable with C_HEAP allocation, + removal and some unit tests + + JDK-8068184: Fix for JDK-8032832 caused a deadlock + + JDK-8079693: Add support for ECDSA P-384 and P-521 curves to + XML Signature + + JDK-8132130: some docs cleanup + + JDK-8144526: Remove Marlin logging use of deleted internal API + + JDK-8144654: Improve Marlin logging + + JDK-8144718: Pisces / Marlin Strokers may generate invalid + curves with huge coordinates and round joins + + JDK-8166976: TestCipherPBECons has wrong @run line + + JDK-8167409: Invalid value passed to critical JNI function + + JDK-8181872: C1: possible overflow when strength reducing + integer multiply by constant + + JDK-8187078: -XX:+VerifyOops finds numerous problems when + running JPRT + + JDK-8191227: issues with unsafe handle resolution + + JDK-8216472: (se) Stack overflow during selection operation + leads to crash (win) + + JDK-8229022: BufferedReader performance can be improved by + using StringBuilder + + JDK-8231430: C2: Memory stomp in max_array_length() for + T_ILLEGAL type + + JDK-8235904: Infinite loop when rendering huge lines + * Import of OpenJDK 8 u252 build 06 + + JDK-8225130: Add exception for expiring Comodo roots to + VerifyCACerts test + + JDK-8230235: Rendering HTML with empty img attribute and + documentBaseKey cause Exception + + JDK-8235744: PIT: + test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java + times out in linux-x64 + + JDK-8240521: Revert backport of 8231584: Deadlock with + ClassLoader.findLibrary and System.loadLibrary call + * Import of OpenJDK 8 u252 build 07 + + JDK-8197441: Signature#initSign/initVerify for an invalid + private/public key fails with ClassCastException for SunPKCS11 + provider + * Import of OpenJDK 8 u252 build 08 + + JDK-8241296: Segfault in JNIHandleBlock::oops_do() + + JDK-8241307: Marlin renderer should not be the default in + 8u252 + * Import of OpenJDK 8 u252 build 09 + + JDK-8204152: SignedObject throws NullPointerException for + null keys with an initialized Signature object + + JDK-8219597: (bf) Heap buffer state changes could provoke + unexpected exceptions + * Backports + + JDK-8035949, PR3784: Remove unused macro USE_SELECT and clean + up Unix version of net_util_md.{c,h} + + JDK-8167481, PR3784: cleanup of headers and includes for + native libnet + + JDK-8195607, PR3776: + sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with + "NSS initialization failed" on NSS 3.34.1 + * Bug fixes + + PR3786: Use 'JDK-' as prefix for bugs from the OpenJDK bug + tracker + * Shenandoah + + AArch64: Fix LRB use in LIRGenerator::do_UnsafeGetAndSetObject + + [backport] 8221751: Shenandoah: Improve SATB enqueueing + + [backport] 8221848: Shenandoah: ArrayCopy post-barrier + improvements + + [backport] 8222766: Shenandoah: streamline post-LRB CAS + barrier (x86) + + [backport] 8223951: Shenandoah: Only need to update thread + roots during final update refs + + [backport] 8224179: Shenandoah: CTW test failures with + traversal GC + + [backport] 8224495: Shenandoah: Do not rescan code roots in + final mark pause if it is not degenerated GC + + [backport] 8224508: Shenandoah: Need to update thread roots + in final mark for piggyback ref update cycle + + [backport] 8224525: Shenandoah: Eliminate shenandoah + verifier's side-effects + + [backport] 8225171: Remove leftovers in + shenandoahBarrierSetC1.cpp + + [backport] 8225341: Shenandoah: CM::update_thread_roots() + needs to handle derived pointers + + [backport] 8226586: Shenandoah: No need to pre-evacuate roots + for degenerated GC + + [backport] 8227327: Shenandoah: Faster and more parallel tests + + [backport] 8227676: Shenandoah: More consistent naming of LRB + entry points + + [backport] 8228364: Shenandoah: Remove unused code from + ShenandoahBarrierSetC1 + + [backport] 8229865: Use explicit #include debug.hpp for + STATIC_ASSERT in gc/shenandoah/shenandoahUtils.cpp + + [backport] 8229919: Support JNI Critical functions in object + pinning API on x86_32 platforms + + [backport] 8231086: Shenandoah: Stronger invariant for + object-arraycopy + + [backport] 8231293: Shenandoah: Traversal should not revive + dead weak roots + + [backport] 8231410: Shenandoah: clone barrier should use base + pointer + + [backport] 8231447: Shenandoah: Compilation-time regression + after JDK-8231086 + + [backport] 8231499: Shenandoah: + compiler/arraycopy/TestDefaultMethodArrayCloneDeoptC2 fails + + [backport] 8232205: Shenandoah: missing "Update References" + -> "Update Roots" tracing + + [backport] 8232778: Shenandoah: SBSA::arraycopy_prologue + checks wrong register + + [backport] 8232908: Shenandoah: compact heuristics has + incorrect trigger "Free is lower than allocated recently" + + [backport] 8233387: Shenandoah: passive mode should disable + pacing ergonomically + + [backport] 8233520: Shenandoah: do not sleep when thread is + attaching + + [backport] 8233850: Shenandoah: Shenandoah thread count + ergonomics should be container aware + + [backport] 8234232: [TESTBUG] + gc/shenandoah/jvmti/TestHeapDump.java fails with -Xcomp + + [backport] 8235636: + gc/shenandoah/compiler/TestUnsafeOffheapSwap.java fails after + JDK-8226411 + + [backport] 8235729: Shenandoah: Remove useless casting to + non-constant + + [backport] 8236106: [TESTBUG] Shenandoah: Make + TestThreadFailure more resilient + + [backport] 8236181: C2: Remove useless step_over_gc_barrier() + in int->bool conversion + + [backport] 8236732: Shenandoah: Stricter placement for + oom-evac scopes + + [backport] 8236851: Shenandoah: More details in Traversal GC + event messages + + [backport] 8237007: Shenandoah: assert(_base == Tuple) + failure during C2 compilation + + [backport] 8237038: Shenandoah: Reduce thread pool size in + TestEvilSyncBug.java test + + [backport] 8237570: Shenandoah: cleanup uses of + allocation/free threshold in static heuristics + + [backport] 8237586: Shenandoah: provide option to disable + periodic GC + + [backport] 8239868: Shenandoah: ditch C2 node limit + adjustments + + [backport] 8239904: Shenandoah: accumulated penalties should + not be over 100% of capacity + + [backport] 8240069: Shenandoah: turn more flags diagnostic + + [backport] 8240070: Shenandoah: remove obsolete + ShenandoahCommonGCStateLoads + + [backport] 8240076: Shenandoah: pacer should cover reset and + preclean phases + + [backport] 8240215: Shenandoah: remove + ShenandoahAllocationTrace + + [backport] 8240216: Shenandoah: remove + ShenandoahTerminationTrace + + [backport] 8240217: Shenandoah: remove ShenandoahEvacAssist + + [backport] 8240534: Shenandoah: ditch debug safepoint timeout + adjustment + + Fix LRB use in LIRGenerator::do_UnsafeGetAndSetObject + + Fix tier2_gc_shenandoah group definition + + Rectify JDK-8191227 workaround for Shenandoah + + Revert leftover changes in type.{cpp|hpp} + + JDK-8233500: Shenandoah: Shenandoah load barrier should save + registers before calling keep alive barrier on x86 + * AArch64 port + + JDK-8224851, PR3785: AArch64: fix warnings and errors with + Clang and GCC 8.3 + * AArch32 port + + JDK-8240219: CPU specific port of 8229345: Memory leak due to + vtable stubs not being shared on SPARC + +------------------------------------------------------------------- +Wed Apr 15 09:07:59 UTC 2020 - Fridrich Strba + +- The pack200 and unpack200 alternatives should be slaves of java + and not of javac, since they are part of JRE. + +------------------------------------------------------------------- +Tue Feb 4 12:27:11 UTC 2020 - Fridrich Strba + +- Add -fcommon to CFLAGS and CXXFLAGS to allow building with new + compilers (boo#1160398) + +------------------------------------------------------------------- +Mon Jan 27 11:41:21 UTC 2020 - Fridrich Strba + +- On platform where OpenJ9 exists, avoid building with it in order + to prevent build cycles + +------------------------------------------------------------------- +Tue Jan 21 06:40:46 UTC 2020 - Fridrich Strba + +- Update to version jdk8u242 (icedtea 3.15.0) (January 2020 CPU, + bsc#1160968) + * Security fixes + + S8225261: Better method resolutions + + S8224909, CVE-2020-2583: Unlink Set of LinkedHashSets + + S8225279: Better XRender interpolation + + S8226352, CVE-2020-2590: Improve Kerberos interop capabilities + + S8227758: More valid PKIX processing + + S8227816: More Colorful ICC profiles + + S8228548, CVE-2020-2593: Normalize normalization for all + + S8229951, CVE-2020-2601: Better Ticket Granting Services + + S8230279: Improve Pack200 file reading + + S8230318: Better trust store usage + + S8230967: Improve Registry support of clients + + S8231129: More glyph images + + S8231139: Improved keystore support + + S8231422, CVE-2020-2604: Better serial filter handling + + S8231795, CVE-2020-2659: Enhance datagram socket support + + S8232419: Improve Registry registration + + S8234037, CVE-2020-2654: Improve Object Identifier Processing + * Import of OpenJDK 8 u242 build 01 + + S8010500: [parfait] Possible null pointer dereference at + hotspot/src/share/vm/opto/loopnode.hpp + + S8067429: java.lang.VerifyError: Inconsistent stackmap frames + at branch target + + S8073154: NULL-pointer dereferencing in + LIR_OpProfileType::print_instr + + S8077707: jdk9 b58 cannot run any graphical application on + Win 8 with JAWS running + + S8132249: Clean up JAB debugging code + + S8133951: Zero interpreter asserts in stubRoutines.cpp + + S8134739: compiler/loopopts/superword/ + /TestVectorizationWithInvariant crashes in loop opts + + S8212071: Need to set the FreeType LCD Filter to reduce + fringing. + + S8230238: Add another regression test for JDK-8134739 + + S8230813: Add JDK-8010500 to compiler/loopopts/superword/ + /TestFuzzPreLoop.java bug list + + S8231398: Add time tracing for gc log rotation at safepoint + cleanup + + S8231988: Unexpected test result caused by C2 + IdealLoopTree::do_remove_empty_loop + * Import of OpenJDK 8 u242 build 02 + + S8057986: freetype code to get glyph outline does not handle + initial control point properly + + S8068736: Avoid synchronization on + Executable/Field.declaredAnnotations + + S8073347: javadoc of Formattable messed up by JDK-8019857 + + S8206173: MallocSiteTable::initialize() doesn't take function + descriptors into account + + S8213568: Typo in + java/awt/GraphicsEnvironment/LoadLock/GE_init5.java + + S8218558: NMT stack traces in output should show mt component + for virtual memory allocations + + S8225101: Crash at sun.awt.X11.XlibWrapper.XkbGetUpdatedMap + when change keybord map + + S8228888: C2 compilation fails with assert "m has strange + control" + + S8229020: Failure on CPUs allowing loads reordering: + assert(_tasks[t] == 1) failed: What else? + + S8229169: False failure of GenericTaskQueue::pop_local on + architectures with weak memory model + + S8230363: C2: Let ConnectionGraph::not_global_escape(Node* n) + return false if n is not in the CG + + S8231887: ComodoCA.java fails because certificate was revoked + * Import of OpenJDK 8 u242 build 04 + + S8048556: Unnecessary GCLocker-initiated young GCs + + S8073108: Use x86 and SPARC CPU instructions for GHASH + acceleration + + S8130341: GHASH 32bit intrinsics has AEADBadTagException + + S8139178: Wrong fontMetrics when printing in Landscape + (OpenJDK) + + S8146238: [macosx] Java2D Queue Flusher crash on OSX after + switching between user accounts + + S8196681: Java Access Bridge logging and debug flags + dynamically controlled + + S8204288: Matching the end of a string followed by an empty + greedy regex and a word boundary fails + + S8204290: Add check to limit number of capture groups + + S8219914: Change the environment variable for Java Access + Bridge logging to have a directory. + + S8225505: ctrl-F1 does not show the tooltip of a menu item + (JMenuItems) + * Import of OpenJDK 8 u242 build 05 + + S8029629: java/lang/ProcessBuilder/Basic.java fails + intermittently + + S8055351: sun/security/provider/DSA/ + /TestAlgParameterGenerator.java failed with interrupted! + (timed out?) + + S8131778: java disables UseAES flag when using VIS=2 on sparc + + S8133489: Better messaging for PKIX path validation matching + + S8134424: BlockDataInputStream.readUTFBody: size local + StringBuffer with the given length + + S8156028: G1YoungGenSizer _adaptive_size not correct when + setting NewSize and MaxNewSize to the same value + + S8170641: sun/net/www/protocol/https/HttpsURLConnection/ + /PostThruProxy.sh fails with timeout + + S8173956: KeyStore regression due to default keystore being + changed to PKCS12 + + S8185898: setRequestProperty(key, null) results in HTTP + header without colon in request + + S8189762: [TESTBUG] Create tests for JDK-8146115 container + awareness and resource configuration + + S8194653: Deadlock involving FileSystems.getDefault and + System.loadLibrary call + + S8195088: [TEST_BUG] StartManagementAgent got unexpected + exception + + S8195667: ProblemList PKCS11 tests Secmod/AddTrustedCert.java + and tls/TestKeyMaterial.java due to JDK-8180837 + + S8198649: Switch AWT/Swing's default GTK version to 3 + + S8208715: Conversion of milliseconds to nanoseconds in + UNIXProcess contains bug + + S8213119: [macos] + java/awt/GraphicsDevice/CheckDisplayModes.java fails + + S8215210: [macos] Hangul text does not shape to the + precomposed form on JDK8u + + S8216401: Allow "file:" URLs in Class-Path of local JARs + + S8221172: SunEC specific test is not limited to SunEC + + S8221246: NullPointerException within Win32ShellFolder2 + + S8222496: [8u] Switch on GTK3 as a default GTK L&F in + client-libs + + S8223490: Optimize search algorithm for determining default + time zone + + S8225141: Better handling of classes in error state in fast + class initialization checks + + S8229420: [Redo] jstat reports incorrect values for OU for + CMS GC + + S8231124: Missing closedir call with JDK-8223490 + + S8231584: Deadlock with ClassLoader.findLibrary and + System.loadLibrary call + + S8232984: Upgrading Joni License version to 2.1.16 + + S8233886: TEST_BUG jdk/java/net/CookieHandler/B6791927.java + hit hardcoded expiration date + + S8234591: [11u] Build with old C compiler broken by 8223490 + + S8236178: Debug build failed after 8236058 + * Import of OpenJDK 8 u242 build 06 + + S8227715: GPLv2 files missing Classpath Exception + + S8232019: Add LuxTrust certificate updates to the existing + root program + + S8233223: Add Amazon Root CA certificates + + S8235850: [TESTBUG] Remove + test/runtime/RedefineTests/test8178870.sh + * Import of OpenJDK 8 u242 build 07 + + S8037550: Update RFC references in javadoc to RFC 5280 + + S8039438: Some tests depend on internal API sun.misc.IOUtils + + S8044500: Add kinit options and krb5.conf flags that allow + users to obtain renewable tickets and specify ticket lifetimes + + S8058290: JAAS Krb5LoginModule has suspect ticket-renewal + logic, relies on clockskew grace + + S8080835: Add blocking bulk read to sun.misc.IOUtils + + S8138978: Examine usages of sun.misc.IOUtils + + S8139206: Add InputStream readNBytes(int len) + + S8183591: Incorrect behavior when reading DER value with + Integer.MAX_VALUE length + + S8186576: KerberosTicket does not properly handle renewable + tickets at the end of their lifetime + + S8186831: Kerberos ignores PA-DATA with a non-null s2kparams + + S8186884: Test native KDC, Java krb5 lib, and native krb5 lib + in one test + + S8193832: Performance of InputStream.readAllBytes() could be + improved + + S8196956: (ch) More channels cleanup + + S8201627: Kerberos sequence number issues + + S8215032: Support Kerberos cross-realm referrals (RFC 6806) + + S8226719: Kerberos login to Windows 2000 failed with + "Inappropriate type of checksum in message" + + S8227061: KDC.java test behaves incorrectly when AS-REQ + contains a PAData not PA-ENC-TS-ENC + + S8227381: GSS login fails with PREAUTH_FAILED + + S8227437: S4U2proxy cannot continue because server's TGT + cannot be found + + S8232381: add result NULL-checking to freetypeScaler.c + + S8233944: Make KerberosPrincipal.KRB_NT_ENTERPRISE field + package private + + S8235909: File.exists throws AccessControlException for + invalid paths when a SecurityManager is installed + + S8236983: [TESTBUG] Remove pointless catch block in + test/jdk/sun/security/util/DerValue/BadValue.java + + S8236984: Add compatibility wrapper for IOUtils.readFully + * Import of OpenJDK 8 u242 build 08 + + S8031111: fix krb5 caddr + + S8132111: Do not request for addresses for forwarded TGT + * Shenandoah + + Add missing include in shenandoahOopClosures.cpp + + Avoid initializing unused SharedHeap::_workers for Shenandoah + + [backport] 8221435: Shenandoah should not mark through weak + roots + + [backport] 8221766: Load-reference barriers for Shenandoah + + [backport] 8222129: Shenandoah: Missing CompareAndSwapP/N + case in get_barrier_strength() + + [backport] 8222738: Shenandoah: assert(is_Proj()) failed when + running cometd benchmarks + + [backport] 8223448: Shenandoah disabled barriers blocks omit + LRB + + [backport] 8223450: Disable Shenandoah C2 barriers + verification for x86_32 + + [backport] 8223567: Rename ShenandoahBrooksPointer to + ShenandoahForwarding + + [backport] 8224496: Shenandoah compilation fails with + assert(is_CountedLoopEnd()) failed: invalid node class + + [backport] 8224522: Shenandoah should apply barriers on + deoptimization + + [backport] 8224584: Shenandoah: Eliminate forwarding pointer + word + + [backport] 8224667: Shenandoah: Post-LRB cleanup + + [backport] 8224881: Shenandoah: trashing "Collection Set, + Pinned" region during Degenerated GC + + [backport] 8224932: Shenandoah: Rename ShenandoahHeapLock, + make it general purpose lock + + [backport] 8225017: [TESTBUG] + gc/shenandoah/oom/TestThreadFailure.java takes too long + + [backport] 8225046: Shenandoah metrics logs refactoring + + [backport] 8225048: Shenandoah x86_32 support + + [backport] 8225111: Make Shenandoah tests work with 32-bit VMs + + [backport] 8225229: Shenandoah: trim down default number of + GC threads + + [backport] 8225357: Rewire + ShenandoahHeap::maybe_update_with_forwarded for contending fixups + + [backport] 8225441: Cleanup + ShenandoahHeap::atomic_compare_exchange_oop + + [backport] 8225514: Shenandoah: ShenandoahCodeRoots should + inherit from AllStatic + + [backport] 8226757: Shenandoah: Make traversal and passive + modes explicit + + [backport] 8226957: Shenandoah: Remove obsoleted + ShenandoahStoreCheck option + + [backport] 8228775: Shenandoah: Remove useless + null-input-verification in Shenandoah/C2 verifier + + [backport] 8229002: Shenandoah: Missing node types in + ShenandoahLoadReferenceBarrier::needs_barrier_impl() + + [backport] 8229231: Shenandoah: Non-PCH builds failed after + JDK-8224932 + + [backport] 8229350: Shenandoah does not need barriers before + CreateEx + + [backport] 8229416: Shenandoah: Demote or remove + ShenandoahOptimize*Final optimizations + + [backport] 8229419: Shenandoah: Cleanup LRB strength selector + code + + [backport] 8229707: [TESTBUG] Some Shenandoah tests assume + Server VM by default + + [backport] 8231197: Shenandoah: JVMTI heap walking cleanup + crashes with NULL forwardee + + [backport] 8231405: [Shenandoah] guarantee(d != NULL) failed: + Null dominator info + + [backport] 8231583: Shenandoah: Fix register clash in + SBSA::resolve_forwarding_pointer() borrowing + + [backport] 8231667: Shenandoah: Full GC should take empty + regions into slices for compaction + + [backport] 8231932: Shenandoah: conc/par GC threads + ergonomics overrides user settings + + [backport] 8231946: Remove obsolete and unused + ShenandoahVerifyObjectEquals flag + + [backport] 8231947: Shenandoah: cleanup + ShenandoahHumongousMoves flag treatment + + [backport] 8232102: Shenandoah: print everything in proper + units + + [backport] 8232176: Shenandoah: new assert in + ShenandoahEvacuationTask is too strong + + [backport] 8232534: Shenandoah: guard against reentrant + ShenandoahHeapLock locking + + [backport] 8232573: Shenandoah: cleanup and add more logging + for in-pause phases + + [backport] 8232575: Shenandoah: asynchronous object/region + pinning + + [backport] 8232702: Shenandoah: + gc/shenandoah/TestVerifyJCStress.java uses non-existent + -XX:+VerifyObjectEquals + + [backport] 8232729: Shenandoah: assert + ShenandoahHeap::cas_oop addresses are aligned + + [backport] 8232802: Shenandoah: transition between "cset" and + "pinned_cset" does not require cancelled gc + + [backport] LRB right after call, use is Bool + + Backport per-region seqnum tracking + + [backport] Relax Shenandoah/C2 verifier against JDK11 + shortcomings + + [backport] Remove to wrong handlings of Shenandoah LRB in + escape analysis + + Backport Traversal GC + + Cherry-pick JDK-8231201: hs_err should print coalesced + safepoint operations in Events section + + Cleanup weak JNI refs when not doing reference processing + + Correct order between load, LRB and membar nodes + + Disable JNI tests for 32-bit platforms, due to lack of jtreg + support + + Do not enable UseCountedLoopSafepoints in Shenandoah by + default + + Fix ifdef -> if INCLUDE_ALL_GCS in Shenandoah x86_32 code + + Fix leftover commented out code in + ShenandoahRuntime::load_reference_barrier_JRT + + Fix lock ordering issue when calling JVMTI GetLoadedClasses + during marking + + Fix naked heap loads in HeapDumper + + Fix ShenandoahLoadReferenceBarrierNode::{Value, Identity} + signatures after LRB backport + + Fix Windows build after LRB backports + + Fix Zero build after LRB backport moves, remove other stubs + + Remove some obsolete Shenandoah code from C2 + + Remove StubRoutines::_shenandoah_wb_C and related code + + Revert obsolete shared-code changes in runtime synchronizer + code + + Revert ShenandoahVerifyObjectEquals additions, not required + after LRB + + S8236829: JDK-8232102 backport breaks s390 + + Save vector registers before LRB slowpath call + + Shenandoah: JvmtiExport::weak_oops_do should not be entered + by multiple threads + + Shenandoah SA: support live region iteration + + Use correct flag to guard implicit concurrent GC + * AArch64 port + + S8073108, PR3772: [AArch64] Use x86 and SPARC CPU + instructions for GHASH acceleration + + S8135018, PR3772: AARCH64: Missing memory barriers for CMS + collector + + S8209835, PR3772: Aarch64: elide barriers on all volatile + operations + + S8233839, PR3772: aarch64: missing memory barrier in + NewObjectArrayStub and NewTypeArrayStub + +------------------------------------------------------------------- +Fri Nov 15 09:08:43 UTC 2019 - Fridrich Strba + +- Update to version jdk8u232 (icedtea 3.14.0) (October 2019 CPU, + bsc#1154212) + * Security fixes + + S8167646: Better invalid FilePermission + + S8213429, CVE-2019-2933: Windows file handling redux + + S8218573, CVE-2019-2945: Better socket support + + S8218877: Help transform transformers + + S8220186: Improve use of font temporary files + + S8220302, CVE-2019-2949: Better Kerberos ccache handling + + S8221497: Optional Panes in Swing + + S8221858, CVE-2019-2958: Build Better Processes + + S8222684, CVE-2019-2964: Better support for patterns + + S8222690, CVE-2019-2962: Better Glyph Images + + S8223163: Better pattern recognition + + S8223505, CVE-2019-2973: Better pattern compilation + + S8223518, CVE-2019-2975: Unexpected exception in jjs + + S8223892, CVE-2019-2978: Improved handling of jar files + + S8224025: Fix for JDK-8220302 is not complete + + S8224532, CVE-2019-2981: Better Path supports + + S8224915, CVE-2019-2983: Better serial attributes + + S8225286, CVE-2019-2987: Better rendering of native glyphs + + S8225292, CVE-2019-2988: Better Graphics2D drawing + + S8225298, CVE-2019-2989: Improve TLS connection support + + S8225597, CVE-2019-2992: Enhance font glyph mapping + + S8226765, CVE-2019-2999: Commentary on Javadoc comments + + S8227129: Better ligature for subtables + + S8227601: Better collection of references + + S8228825, CVE-2019-2894, bsc#1152856: Enhance ECDSA operations + * Import of OpenJDK 8 u232 build 01 + + S6913047: Long term memory leak when using PKCS11 and JCE + exceeds 32 bit process address space + + S6946830: javax.crypto.Cipher.doFinal behavior differs + depending on platform + + S6996807: FieldReflectorKey hash code computation can be + improved + + S8030993: Check jdk/src/share/native/common/jni_util.c for + JNI pending exceptions + + S8075136: Unnecessary sign extension for byte array access + + S8075544: Add tiered testing definitions to the jdk repo + + S8075573: Add jdk_other and jdk_svc to jdk tier 2 test + definition + + S8151486: Class.forName causes memory leak + + S8152856: Xcode 7.3 -Wshift-negative-value compile failure on + Mac OS X + + S8168417: Pending exceptions in + java.base/windows/native/libnio + + S8170494: JNI exception pending in PlainDatagramSocketImpl.c + + S8185900: hotspot build failed with gcc version Red Hat + 4.4.7-3 + + S8185979: PPC64: Implement SHA2 intrinsic + + S8197930: JNI exception pending in initializeEncoding of + jni_util.c + + S8202353: os::readdir should use readdir instead of readdir_r + + S8205587: Implicit function declaration in jni_util.c + + S8210761: libjsig is being compiled without optimization + + S8214002: Cannot use italic font style if the font has + embedded bitmap + + S8218721: C1's CEE optimization produces safepoint poll with + invalid debug information + + S8218854: FontMetrics.getMaxAdvance may be less than the + maximum FontMetrics.charWidth + + S8219807: C2 crash in IfNode::up_one_dom(Node*, bool) + + S8221304: Problem list + java/awt/FontMetrics/MaxAdvanceIsMax.java + + S8223219: Backport of JDK-8199552 to OpenJDK 8 leads to + duplicate -fstack-protector flags, overriding + --with-extra-cflags + + S8225636: SA can't handle prelinked libraries + + S8226392: Launcher should not enable legacy stdio streams on + GNU/Linux (glibc) + + S8226870: OpenJDK 8u JRE contains clhsdb and hsdb launchers + + S8226928: [TESTBUG] + test/java/net/NetworkInterface/IPv4Only.java fails + intermittently on AIX + + S8227018: CompletableFuture should not call + Runtime.availableProcessors on fast path + + S8228405: Incorrect format strings in + PhaseIdealLoop::rc_predicate + * Import of OpenJDK 8 u232 build 02 + + S8075546: Add tiered testing definitions to the langtools repo + + S8202252: (aio) Closed AsynchronousSocketChannel keeps + completion handler alive + + S8216597: SIGBUS in + Java_sun_security_pkcs11_wrapper_PKCS11_getNativeKeyInfo after + JDK-6913047 + + S8220513: Wrapper Key may get deleted when closing sessions + in SunPKCS11 crypto provider + + S8222737: [TESTBUG] Allow for tier 1 like testing in OpenJDK + 8u + + S8224580: Matcher can cause oop field/array element to be + reloaded + + S8226543: Reduce GC pressure during message digest + calculations in password-based encryption + * Import of OpenJDK 8 u232 build 03 + + S8213561: ZipFile/MultiThreadedReadTest.java timed out in + tier1 + + S8217785: Padding + ParallelTaskTerminator::_offered_termination variable + * Import of OpenJDK 8 u232 build 04 + + S8188868: PPC64: Support AES intrinsics on Big Endian + * Import of OpenJDK 8 u232 build 05 + + S8080157: assert(allocates2(pc)) failed: not in CodeBuffer + memory + + S8087128: C2: Disallow definition split on MachCopySpill nodes + + S8139965: Hang seen when using + com.sun.jndi.ldap.search.replyQueueSize + + S8147502: Digest is incorrectly truncated for ECDSA + signatures when the bit length of n is less than the field + size + + S8147611: G1 - Missing memory barrier in + start_cset_region_for_worker + + S8151066: assert(0 <= i && i < length()) failed: index out of + bounds + + S8155951: VM crash in + nsk/jvmti/RedefineClasses/StressRedefine: assert failed: + Corrupted constant pool + + S8202948: C2: assert(init_offset >= 0) failed: positive + offset from object start + + S8203324: Use out of scope in getMacOSXLocale of + java_props_macosx.c:120 + + S8206879: Currency decimal marker incorrect for Peru + + S8211232: GraphKit::make_runtime_call() sometimes attaches + wrong memory state to call + + S8214687: Optimize Collections.nCopies().hashCode() and + equals() + + S8214702: Wrong text position for whitespaced string in + printing Swing text + + S8215130: Fix errors in LittleCMS 2.9 reported by GCC 8 + + S8215265: C2: range check elimination may allow illegal out + of bound access + + S8217359: C2 compiler triggers SIGSEGV after transformation + in ConvI2LNode::Ideal + + S8217731: Font rendering and glyph spacing changed from jdk-8 + to jdk-11 + + S8217896: Make better use of LCPUs when building on AIX + + S8218201: Failures when vmIntrinsics::_getClass is not inlined + + S8218280: LineNumberReader throws "Mark invalid" exception if + CRLF straddles buffer. + + S8218780: Update MUSCLE PCSC-Lite header files + + S8219517: assert(false) failed: infinite loop in + PhaseIterGVN::optimize + + S8220072: GCC 8.3 reports errors in java.base + + S8222980: Upgrade IANA Language Subtag Registry to Version + 2019-04-03 + + S8223177: Data race on JvmtiEnvBase::_tag_map in + double-checked locking + + S8223227: Rename acquire_tag_map() to tag_map_acquire() in + jvmtiEnvBase + + S8225423: GTK L&F: JSplitPane: There is no divider shown + + S8226798: JVM crash in + klassItable::initialize_itable_for_interface(int, + InstanceKlass*, bool, Thread*) + + S8226964: [Yaru] GTK L&F: There is no difference between menu + selected and de-selected + + S8228440: TestAESCiphers tests fail with "access denied" + trying to access ArrayUtil + * Import of OpenJDK 8 u232 build 06 + + S8178870: instrumentation.retransformClasses cause coredump + + S8216965: crash in freetypeScaler.c CopyBW2Grey8 + + S8217676: Upgrade libpng to 1.6.37 + + S8222108: Reduce minRefreshTime for updating remote printer + list on Windows + * Import of OpenJDK 8 u232 build 08 + + S8225425: java.lang.UnsatisfiedLinkError: net.dll: Can't find + dependent libraries + + S8226607: Inconsistent info between pcsclite.md and MUSCLE + headers + + S8228469: (tz) Upgrade time-zone data to tzdata2019b + + S8230085: (fs) FileStore::isReadOnly is always true on macOS + Catalina + + S8231098: (tz) Upgrade time-zone data to tzdata2019c + + S8231463: Fix runtime/RedefineTests/RedefineDoubleDelete.java + test in 8u + * Shenandoah + + [backport] 8230425: Shenandoah forces +UseNUMAInterleaving + even after explicitly disabled + + Missing include precompiled.hpp in + shenandoahSynchronizerIterator.cpp + + Protect lir_shenandoah_wb with INCLUDE_ALL_GCS + + Prune unneeded (jccb|jmpb)_if_possible + + Revert parts of x86_64.ad to 8u upstream state + + Revert Shenandoah/JDK8-only changes relating to + MonitorInUseLists + + Revert Shenandoah-specific assert after JDK-8211926 landed + + S8228746: Revert incorrect StubRoutines::contains change + + S8231366: Shenandoah: Shenandoah String Dedup thread is not + properly initialized + * AArch64 port + + S8151775, PR3750: aarch64: add support for 8.1 LSE atomic + operations + + S8179954, PR3762: AArch64: C1 and C2 volatile accesses are + not sequentially consistent + + S8205421, PR3762: AARCH64: StubCodeMark should be placed + after alignment + + S8206163, PR3762: AArch64: incorrect code generation for + StoreCM + + S8209420, PR3762: Track membars for volatile accesses so they + can be properly optimized + + S8211233, PR3762: MemBarNode::trailing_membar() and + MemBarNode::leading_membar() need to handle dying subgraphs + better + + S8213134, PR3762: AArch64: vector shift failed with + MaxVectorSize=8 + + S8214857, PR3762: "bad trailing membar" assert failure at + memnode.cpp:3220 + + S8216350, PR3762: AArch64: monitor unlock fast path not called + + S8219011, PR3762: Implement MacroAssembler::warn method on + AArch64 + + S8228400, PR3762: Remove built-in AArch64 simulator + + S8228406, PR3762: Superfluous change in chaitin.hpp + + S8228593, PR3762: Revert explicit JDK 7 support additions + + S8228716, PR3762: Revert InstanceKlass::print_on debug + additions + + S8228718, PR3762: Revert incorrect backport of JDK-8129757 to + 8-aarch64 + + S8228725, PR3762: AArch64: Purge method call format support + + S8228747, PR3762: Revert "unused" attribute from + test_arraycopy_func + + S8228767, PR3762: Revert ResourceMark additions + + S8228770, PR3762: Revert development hsdis changes + + S8229123, PR3762: Revert build fixes for aarch64/zero + + S8229124, PR3762: Revert disassembler.cpp changes + + S8229145, PR3762: Revert TemplateTable::bytecode() visibility + change + + PR3762: profile_has_unique_klass gives wrong result + * AArch32 port + + [aarch32] Fix debug build failure introduced at feec5f4cea8b + + c1: misc bugfixes + + [c1] [Spec98] _228_jack crash + + CCC: align doubles on stack + + CritcalJNI support + + Fix ARMv6 target causes some asserts to fail + + Fix ccc: float args should go to stack after first double + allocated there + + Fix for jtreg TestArrayCopy6769124 -Xcomp + + Fix for single-core config crash + + Fix JVMTI PopFrame: should skip runtime call if next bytecode + is not invokestatic + + Fix native_wrapper faste unlock register used for temp, avoid + clobbering lock_obj register + + Fix operand value corruption in arraycopy + + Fix SIGSEGV in System.arraycopy + + Fix wrong fault_pc in safefetch stubs + + Follow-up the fix for 8161598 + + JTReg test compiler/uncommontrap/TestDeoptOOM.java causes JVM + assert + + Raw long address should be converted to sizeof(ptr) one when + it is required + + S8207838: AArch32: Float registers incorrectly restored in + JNI call + + save_args/restore_args misses second part of VMRegPair +- Removed patch: + * hotspot-aarch64.patch + + not needed any more with this version + +------------------------------------------------------------------- +Mon Oct 21 06:41:23 UTC 2019 - Guillaume GARDET + +- Apply hotspot-aarch64.patch only for aarch64, as some other + archs (armv6/7) use other hotspot sources + +------------------------------------------------------------------- +Thu Oct 17 10:07:15 UTC 2019 - Guillaume GARDET + +- Add patch to fix boo#1138529: + * hotspot-aarch64.patch + +------------------------------------------------------------------- +Fri Jul 19 06:28:01 UTC 2019 - Fridrich Strba + +- Update to version jdk8u222 (icedtea 3.13.0) + * Security fixes + + S8191073: JpegImageReader throws IndexOutOfBoundsException + when trying to read image data from tables-only image + + S8208698, CVE-2019-2745, bsc#1141784: Improved ECC + Implementation + + S8212328, CVE-2019-2762, bsc#1141782: Exceptional throw cases + + S8213431, CVE-2019-2766, bsc#1141789: Improve file protocol + handling + + S8213432, CVE-2019-2769, bsc#1141783: Better copies of + CopiesList + + S8216381, CVE-2019-2786, bsc#1141787: More limited privilege + usage + + S8217563: Improve realm maintenance + + S8218863: Better endpoint checks + + S8218873: Improve JSSE endpoint checking + + S8218876, CVE-2019-7317, bsc#1141780: Improve PNG support + options + + S8219018: Adjust positions of glyphs + + S8219020: Table alternate substitutions + + S8219775: Certificate validation improvements + + S8220192: Better outlook for SecureRandom + + S8220517: Enhanced GIF support + + S8221518, CVE-2019-2816, bsc#1141785: Normalize normalization + + S8223511, CVE-2019-2842, bsc#1141786: Extended AES support + * New features + + PR3743: Support EA builds + * Import of OpenJDK 8 u222 build 01 + + S8022879: TEST_BUG: sun/nio/cs/MalformedSurrogates.java + fails intermittently + + S8025209: Intermittent test failure + java/net/Socket/asyncClose/AsyncClose.java + + S8030690: TEST_BUG java/nio/Buffer/Chars.java fails + intermittently + + S8031563: TEST_BUG: + java/nio/channels/Selector/ChangingInterests.java failed once + + S8031666: TEST_BUG: java/net/ipv6tests/UdpTest.java failed + because of SocketTimeoutException + + S8048782: OpenJDK: PiscesCache : xmax/ymax rounding up can + cause RasterFormatException + + S8055814: [TESTBUG] runtime/NMT/NMTWithCDS.java fails with + product builds due to missing UnlockDiagnosticVMOptions + + S8073078: java/nio/file/FileStore/Basic.java sensitive to + NFS configuration + + S8129988: JSSE should create a single instance of the + cacerts KeyStore + + S8137231: sun/security/rsa/SpecTest.java timeout with Agent + error: java.lang.Exception + + S8150013: ParNew: Prune nmethods scavengable list. + + S8151225: Mark SpecTest.java as intermittently failing + + S8154156: PPC64: improve array copy stubs by using vector + instructions + + S8156035: Remove intermittent key from + sun/security/rsa/SpecTest.java + + S8157287: java/nio/file/FileStore/Basic.java failed with + "java.nio.file.AccessDeniedException : /zones/zoneone/root " + + S8192854: FONTCONFIG_CFLAGS missing from spec.gmk.in + + S8202768: [macos] Appkit thread slows when any Window + Manager active + + S8203627: Swing applications with JRadioButton and JCheckbox + fail to render correctly when using GTK3 and the GTK L&F + + S8205916: [test] Fix jdk/tools/launcher/RunpathTest to + handle both, RPATH and RUNPATH + + S8206955: MethodHandleProxies.asInterfaceInstance does not + support default methods + + S8207760: SAXException: Invalid UTF-16 surrogate detected: + d83c ? + + S8209951: Problematic sparc intrinsic: + com.sun.crypto.provider.CipherBlockChaining + + S8213825: assert(false) failed: Non-balanced monitor + enter/exit! Likely JNI locking + + S8214109: XToolkit is not correctly displayed color on + 16-bit high color setting + + S8214111: There is no icon in all JOptionPane target image + + S8214112: The whole text in target JPasswordField image are + not selected + + S8214252: Expanded & Collapsed nodes of a JTree look the + same on GTK3 + + S8214253: Tooltip is transparent rather than having a black + background + + S8217263: Automate DashOffset test + + S8217597: [TESTBUG] old version docker does not support + --cpus + + S8218469: JSlider display issue with slider for + GTKLookAndFeel + + S8218470: JScrollBar display issue with GTKLookAndFeel + + S8218472: JProgressBar display issue with GTKLookAndFeel + + S8218473: JOptionPane display issue with GTKLookAndFeel + + S8218479: JTextPane display issue with GTKLookAndFeel + + S8220349: The fix done for JDK-8214253 have caused issues in + JTree behaviour + + S8220718: Missing ResourceMark in nmethod::metadata_do + + S8221789: make reconfigure broken (jdk8u only) + + S8222965: Backport of JDK-8129988 broke the build + + S8222975: Fix 'release' file to reflect actual repo checkin + used to compile JDK + * Import of OpenJDK 8 u222 build 02 + + S8134030: test/serviceability/dcmd/gc/HeapDumpTest fails to + verify the dump + + S8151539: Remove duplicate AlwaysTrueClosures + + S8176100: [REDO][REDO] G1 Needs pre barrier on dereference + of weak JNI handles + + S8210416: [linux] Poor StrictMath performance due to + non-optimized compilation + + S8217315: Proper units should print more significant digits + + S8218674: HTML Tooltip with "img=src" on component doesn't + show + * Import of OpenJDK 8 u222 build 03 + + S7100957: SOCKS proxying does not work with IPv6 connections + + S7102541: RFE: os::set_native_thread_name() cleanups + + S8144332: HSDB could not terminate when close button is + pushed. + + S8151322: Implement os::set_native_thread_name() on Solaris + + S8154387: Parallel unordered Stream.limit() tries to collect + 128 elements even if limit is less + + S8189131: Open-source the Oracle JDK Root Certificates + + S8189949: Remove Baltimore Cybertrust Code Signing CA + + S8191031: Remove several Symantec Root CAs + + S8191844: Remove SECOM root (secomevrootca1) + + S8195774: Add Entrust root certificates + + S8195793: Remove GTE CyberTrust Global Root + + S8196141: Add GoDaddy root certificates + + S8199779: Add T-Systems, GlobalSign and Starfield services + root certificates + + S8204923: Restore Symantec root verisignclass2g2ca + + S8209506: Add Google Trust Services GlobalSign root + certificates + + S8210425: [x86] sharedRuntimeTrig/sharedRuntimeTrans + compiled without optimization + + S8210432: Add additional TeliaSonera root certificate + + S8213213: Remove + src/java.desktop/unix/classes/sun/awt/X11/keysym2ucs.h + + S8214770: java/time/test/java/time/format/ + /TestNonIsoFormatter.java failed in non-english locales. + + S8216577: Add GlobalSign's R6 Root certificate + + S8218152: [javac] fails and exits with no error if a bad + annotation processor provided + + S8222136: Remove two Comodo root CA certificates that are + expiring + + S8222137: Remove T-Systems root CA certificate + + S8223555: Cleanups in cacerts tests + + S8223664: Add jtreg tests for 8223528, backport to jdk8u of + 8176100 + * Import of OpenJDK 8 u222 build 04 + + S8158232: PPC64: improve byte, int and long array copy stubs + by using VSX instructions + + S8190974: Parallel stream execution within a custom + ForkJoinPool should obey the parallelism + + S8203190: SessionId.hashCode generates too many collisions + + S8223499: Remove two DocuSign root certificates that are + expiring + + S8223883: Fix jni.cpp copyright date after 8223528 + * Import of OpenJDK 8 u222 build 05 + + S8019816: [TEST_BUG][macosx] closed/java/awt/BasicStroke/ + /DashZeroWidth.java not on EDT + + S8044289: In ImageIO.write() and ImageIO.read() null stream + is not handled properly. + + S8055705: Rename UnixPrintServiceLookup and + Win32PrintServiceLookup as a platform neutral class name + + S8059575: JEP-JDK-8043304: Test task: Tiered Compilation + level transition tests + + S8075939: Stream.flatMap() causes breaking of + short-circuiting of terminal operations + + S8143097: java/net/ipv6tests/UdpTest.java fails + intermittently with "checkTime failed: got 1998 expected 4000" + + S8151226: Mark UdpTest.java as intermittently failing + + S8166684: PPC64: implement intrinsic code with vector + instructions for Unsafe.copyMemory() + + S8185969: PPC64: Improve VSR support to use up to 64 + registers + + S8193830: Xalan Update: Xalan Java 2.7.2 + + S8196775: java/net/Socket/asyncClose/Race.java failed + intermittently on Windows with ConnectException: Connection + refused + + S8202414: Unsafe write after primitive array creation may + result in array length change + + S8202651: Test ComodoCA.java fails + + S8204929: Fonts with embedded bitmaps are not always rotated + + S8210886: Remove references in xwindows.md to non-existent + files. + + S8210985: Update the default SSL session cache size to 20480 + + S8213183: InputMethod cannot be used after its restarting + + S8214765: All TrayIcon MessageType icons does not show up + with gtk3 option set + + S8218020: Back out accidental changes that belong elsewhere + + S8218020: Fix version number in mesa.md 3rd party legal file + + S8220495: Update GIFlib library to the 5.1.8 + + S8222670: pathological case of JIT recompilation and code + cache bloat + + S8223537: testlibrary_tests/ctw/ClassesListTest.java fails + with Agent timeout frequently + + S8224727: Problem list test security/infra/java/security/ + /cert/CertPathValidator/certification/ActalisCA.java + + S8225065: Revert 8221166 (8u backport of 8048782) + * Import of OpenJDK 8 u222 build 06 + + S8173910: (fs) java/nio/file/FileSystem/Basic.java should + conditionally check FileStores + + S8176237: (fs) java/nio/file/FileStore/Basic.java should + conditionally check FileStores + + S8202884: SA: Attach/detach might fail on Linux if debugee + application create/destroy threads during attaching + * Import of OpenJDK 8 u222 build 07 + + S8153732: Windows remote printer changes do not reflect in + lookupPrintServices() + + S8212202: [Windows] Exception if no printers are installed. + + S8221263: [TEST_BUG] RemotePrinterStatusRefresh test is hard + to use + + S8221412: lookupPrintServices() does not always update the + list of Windows remote printers + + S8225716: G1 GC: Undefined behaviour in + G1BlockOffsetTablePart::block_at_or_preceding + * Import of OpenJDK 8 u222 build 08 + + S8040211: Update LSR datafile for BCP 47 + + S8177472: Remove hard-coded IANA Subtag Registry map in + LocaleEquivalentMap.java + + S8181594: Efficient and constant-time modular arithmetic + + S8182999: SunEC throws ProviderException on invalid curves + + S8187946: Support ISO 4217 Amendments 163 and 164 + + S8191404: Upgrading JDK with latest available LSR data from + IANA. + + S8193552: ISO 4217 amendment 165 + + S8195478: sun/text/resources/LocaleDataTest.java fails with + java.lang.Exception + + S8201317: X25519/X448 code improvements + + S8202026: ISO 4217 amendment 166 + + S8203228: Branch-free output conversion for X25519 and X448 + + S8203872: Upgrading JDK with latest available LSR data from + IANA. + + S8204269: ISO 4217 amendment 167 + + S8208648: ECC Field Arithmetic Enhancements + + S8208746: ISO 4217 Amendment #168 update + + S8209775: ISO 4217 Amendment #169 update + + S8210153: localized currency symbol of VES + + S8213294: Upgrade IANA LSR data + + S8214935: Upgrade IANA LSR data + + S8219781: Localized names for Japanese era Reiwa in COMPAT + provider + * Import of OpenJDK 8 u222 build 09 + + S8135248: Add utility methods to check indexes and ranges + + S8142493: Utility methods to check indexes and ranges + doesn't specify behavior when function produces null + + S8146458: Improve exception reporting for + Objects.checkIndex/checkFromToIndex/checkFromIndexSize + + S8155794: Move Objects.checkIndex BiFunction accepting + methods to an internal package + + S8179098: Crypto AES/ECB encryption/decryption performance + regression (introduced in jdk9b73) + * Import of OpenJDK 8 u222 build 10 + + S8157792: After Integrating tzdata2016d the test/sun/util/ + /calendar/zi/TestZoneInfo310.java fails for "Asia/Oral" and + "Asia/Qyzylorda" Timezones + + S8215982: (tz) Upgrade time-zone data to tzdata2018i + + S8224560: (tz) Upgrade time-zone data to tzdata2019a + + S8225580: tzdata2018i integration causes test failures on + jdk-13 + * Shenandoah + + [backport] 8210879: ClassLoaderStatsClosure does raw oop + comparison + + [backport] 8216973: Kick up cleanup phases in the right + places + + [backport] 8217016: Shenandoah: Streamline generation of CAS + barriers + + [backport] 8217043: Shenandoah: SIGSEGV in + Type::meet_helper() at barrier expansion time + + [backport] 8217213: shenandoahTaskQueue.hpp includes + .inline.hpp file + + [backport] 8217319: Cleanup Shenandoah includes + + [backport] 8217343: Shenandoah control thread should be able + to run at critical priority + + [backport] 8217400: Optimized build is broken by Shenandoah + changes + + [backport] 8217874: Shenandoah: Clobbered register in + ShenandoahBarrierSetAssembler::cmpxchg_oop() + + [backport] 8219524: Shenandoah misreports "committed" size + in MemoryMXBean + + [backport] 8219857: Shenandoah GC may initialize thread's + gclab twice + + [backport] 8219976: GarbageCollectionNotificationInfo always + says "No GC" when running Shenandoah + + [backport] 8220153: Shenandoah does not work with + TransparentHugePages properly + + [backport] 8220162: Shenandoah should not commit HugeTLBFS + memory + + [backport] 8220228: Improve Shenandoah pacing histogram + message + + [backport] 8220350: Refactor ShenandoahHeap::initialize + + [backport] 8220712: [TESTBUG] gc/shenandoah/compiler/ + /TestMaybeNullUnsafeAccess should run with Shenandoah enabled + + [backport] 8220714: C2 Compilation failure when accessing + off-heap memory using Unsafe + + [backport] 8221278: Shenandoah should not enqueue string + dedup candidates during root scan + + [backport] 8222130: Shenandoah should verify roots after + pre-evacuation + + [backport] 8222185: Shenandoah should report "committed" as + capacity + + [backport] 8222186: Shenandoah should not uncommit below + minimum heap size + + [backport] 8222403: Shenandoah: Remove + ShenandoahAlwaysTrueClosure, use AlwaysTrueClosure instead + + [backport] 8222425: Shenandoah: Move commonly used closures + to separate files + + [backport] 8223446: Shenandoah breaks alignment with some + HumongousThreshold values + + [backport] 8223447: Stabilize + gc/shenandoah/TestStringDedupStress test + + [backport] 8223651: Build fails with + --with-jvm-features=-jfr and --disable-precompiled-headers + + [backport] 8223759: Shenandoah should allow arbitrarily low + initial heap size + + [backport] 8223762: Shenandoah: overflows in calculations + involving heap capacity + + [backport] 8223767: Shenandoah fails to build on Solaris + x86_64 + + [backport] 8223980: Shenandoah: Refactor and fix + ObjArrayChunkedTask verification + + [backport] 8222838: Shenandoah: SEGV on accessing cset + bitmap for NULL ptr + + [backport] 8222843: Print Shenandoah cset map addresses in + hs_err + + [backport] Added a few missed worker sessions for worker + tasks + + [backport] Add JFR parallel and concurrent events + (infrastructure) + + [backport] Adjust metaspace size during each GC + + [backport] A few more missing object equals barriers + + [backport] Always copy forward for disjoint arrays (test) + + [backport] Assert that Shenandoah does not trip JDK-8211926 + + [backport] Avoid false sharing by padding the + ShenandoahEvacOOMHandler field in ShenandoahHeap + + [backport] Avoid write barrier during full GC + + [backport] Beef up and parallelize EvilSyncBug test + + [backport] c2 verification pass fixes for CAS + + [backport] Cherry-pick bulk MarkBitMap clearing methods + + [backport] Cherry-pick JDK-8212673, fix for Node::eqv_uncast + + [backport] Cleanup .ad files includes + + [backport] Clean up and regroup Shenandoah flags + + [backport] Cleanup buffered queue handling + + [backport] Cleanup C2 debugging leftovers + + [backport] Clean up dead code + + [backport] Clean up declarations and uses of + marked_object_iterate + + [backport] Cleanup header files and forward declarations + + [backport] Clean up Shenandoah configurations in shared tests + + [backport] Clean up ShHeap::heap_region_iterate uses + + [backport] Cleanup unused bitmap methods + + [backport] Cleanup up superfluous newlines + + [backport] Coarsen Full GC use of heap lock + + [backport] Code root iterators should not be instantiated in + worker threads + + [backport] Common liveness cache in ShHeap + + [backport] Compact heuristics adjustments + + [backport] Concurrent cycle by default on any external GC + request + + [backport] Disable heap iteration for Shenandoah in SA + + [backport] Disable ShHeapUncommit on too-large large-pages + + [backport] Drop Shenandoah from test names + + [backport] Eliminating Shenandoah exposure to CLD + + [backport] Enable NUMA by default + + [backport] Enable string deduplication in all marking phases + + [backport] Factor out implicit/explicit GC requests + + [backport] Fail early when critical barriers are disabled + + [backport] Filter out TestPromotionToSurvivor.java test for + Shenandoah + + [backport] Filter upstream tests for Shenandoah (part 1: + tier1_gc) + + [backport] Fix build failures when Shenandoah is disabled, + after #include reshuffles + + [backport] Fix call to is_g1_marking_load() with + is_shenandoah_state_load() in ShenandoahSupport + + [backport] Fix compilation errors due to missing spaces + between string literal and macro + + [backport] Fixed ShenandoahStrDedupStress test that causes + negative index OOB exception + + [backport] Fix inconsistent "process weakrefs" logging + + [backport] Fix indentation of CriticalNative* tests + + [backport] Fix indenting in ShMarkCompact::do_it + + [backport] Fix up superfluous changes against upstream + + [backport] Fix various formattings and namings in shared GC + code + + [backport] Fix Windows build failure + + [backport] Force termination logic is inverted + + [backport] Handle metadata induced GC + + [backport] Handle ShHeap::time_since_last_millis for RMI + users + + [backport] Handle update_refs, class_unload, ref_proc in + ShConcMark better + + [backport] Homogenize unimplemented stubs handling + + [backport] Improve liveness count during marking + + [backport] Initial committed regions count can be more than + max + + [backport] Inline/rename confusingly named methods in + ShConcurrentMark + + [backport] Inline ShHeap::do_marked_object_complete + + [backport] Inline ShHeap::monitoring_support into header + + [backport] Inline ShHeap::prepare_concurrent_evacuation + + [backport] Inline trivial ShHeap methods right in header + + [backport] In update-refs, update all code-roots when in + degen-gc + + [backport] JVMTI lacks a few GC barriers/hooks + + [backport] Make heuristics tell if we can process references + or unload classes + + [backport] Make ResourceMark use consistent in + ShenandoahCodeRoots + + [backport] Make Shenandoah to use ShenandoahOWST only + + [backport] Make sure bitmap is marked incomplete before + bitmap resets + + [backport] Make sure debug builds fail predictably on + safepoint timeout + + [backport] Micro-optimize ShHeap::get_region by moving the + most likely branch first + + [backport] Minor cleanup of Shenandoah SA + + [backport] Missed VerifyObjectEquals in VerifyJCStressTest + + [backport] More AArch64 assembler cleanups + + [backport] Move HdrSeq and BinaryMagnitudeSeq into + Shenandoah utilities + + [backport] Move ShenandoahAllocType and + ShenandoahAllocRequest to separate file + + [backport] Move ShenandoahGCTracer to gc/shenandoah + + [backport] Move Shenandoah tests to proper locations + + [backport] Need to step over GC barriers in + Node::eqv_uncast() + + [backport] Parallel heap region iteration + + [backport] Parallelise "Clear Liveness" + + [backport] Parallelise "Complete Liveness" + + [backport] Partial infrastructure for suspendible workers + + [backport] Precleaning should use GC workers to do actual + work + + [backport] Pre-evac JVMTI roots + fixes + + [backport] Prefix Shenandoah tests with "Test" + + [backport] Prepare tests for making UseShenandoahGC + experimental + + [backport] Print number of threads in Shenandoah SA heap + summary + + [backport] Print "process weakrefs" to disambiguate vs + CM-with-UR + + [backport] Protect more internal code from false sharing + + [backport] Protect risky conversion in + ShenandoahHeap::millis_since_last_gc + + [backport] Purge some G1-related cruft in C2 + + [backport] Purge unnecessary time conversion in + ShenandoahPhaseTimings::record_phase_time + + [backport] Readjust ShenandoahStrDedupStress test to avoid + timeout + + [backport] Record location when asserting the code root + correctness + + [backport] Refactor bitmap cleaning + + [backport] Reformat Shenandoah tests + + [backport] Rehash and cleanup usages of + ShenandoahHeap::heap() + + [backport] Re-label Shenandoah GC causes (SA&GC) + + [backport] Remove dead-weight ShenandoahPrinter + + [backport] Remove fix-roots pass in ShHeap + + [backport] Remove obsolete and ignored TestHeapAlloc + + [backport] Remove obsolete code snippet related to barriers + on constants + + [backport] Remove obsolete unused flags + + [backport] Remove old code from escape analysis + + [backport] Remove Parallel Cleanup counters + + [backport] Remove ShenandoahCompileCheck + + [backport] Remove ShenandoahWriteBarrierCsetTestInIR flag + + [backport] Remove ShenandoahWriteBarrierRB flag + + [backport] Remove ShHeap::_heap_expansion_count + + [backport] Remove ShHeap::region_in_collection_set in favor + of SHR::in_cset + + [backport] Remove ShWB from formssel.cpp + + [backport] Remove unused SA ShenandoahHeapRegionSet.java + + [backport] Remove unused ShenandoahEvacuateRootsClosure + + [backport] Remove useless change in loopnode.cpp + + [backport] Remove useless ShHeap::heap_region_iterate + + [backport] Rename BrooksPointer to ShenandoahBrooksPointer + + [backport] Rename concurrentMark -> concurrent_mark + + [backport] Rename fields in (SA) ShenandoahHeap.java to omit + 'Regions' and 'Field' suffix + + [backport] Rename ShHeap::shenandoahPolicy -> + ShHeap::shenandoah_policy + + [backport] Rename UINT64_FORMAT_HEX_W to UINT64_FORMAT_X_W + + [backport] Rename VerifyObjectEquals to + ShenandoahVerifyObjectEquals + + [backport] Rename vm_operations_shenandoah.* to + shenandoahVMOperations.* + + [backport] Renaming ShenandoahParallelEvacuationTask to + ShenandoahConcurrentEvacuationTask + + [backport] Separate "passive" heuristics from "adaptive" + + [backport] Several AArch64 cleanups + + [backport] ShenandoahMemoryPool should support usage + threshold + + [backport] Shenandoah should @require Shenandoah, @key gc, + and have good @test + + [backport] Shenandoah test groups should not include each + other + + [backport] Silence VSC++ about multiple assignment operators + + [backport] Simplify Shenandoah task termination in aborted + paths + + [backport] Single marking bitmap + + [backport] Skip pre-evac verification and pacing on shortcut + cycle path + + [backport] Some Shenandoah related additions to SA + + [backport] Sort ShenandoahConcurrentMark methods/fields into + logical groups + + [backport] Sort ShenandoahHeap methods/fields into logical + groups + + [backport] StringDedupMode enum for closures/method templates + + [backport] Support VerifyBeforeGC and VerifyAfterGC VM + options + + [backport] Suppressing VSC++ warning locally + + [backport] Trim down oop-equals verification + + [backport] Trim unused code from Shenandoah SA + + [backport] Turn TestReferenceCAS into a standalone/no-testng + test + + [backport] Update copyrights + + [backport] Use ShenandoahAllocationThreshold in + ShenandoahStaticHeuristics constructor + + [backport] Use s-macro to keep GC phase enum and names in + sync + + Enable heap inspection for Shenandoah + + Excess barriers before JNI accesses, already covered by + "Move barriers into typeArrayOop.hpp direct memory accessors" + + Fix build failure due to unknown INCLUDE_SHENANDOAHGC + + Fix dangling write-barrier in acmp + + Fix force termination detection by spin master + + Fix minimal VM build + + Fix non-PCH builds + + Fix shutdown deadlock due to blocking SATB flush periodic + task + + JDK8u-only: Use WB-based acmp barrier + + Prettify Shenandoah JDK 8 logging + + ShenandoahSATBBufferSize cannot be size_t in 8u + + Adjust code stub sizes for Shenandoah and future backports + + Enable weak JNI handling with Shenandoah after JDK-8176100 + * AArch64 port + + S8176100, PR3745: [AArch64] [REDO][REDO] G1 Needs pre + barrier on dereference of weak JNI handles + + S8186325, PR3745: AArch64: jtreg test + hotspot/test/gc/g1/TestJNIWeakG1/TestJNIWeakG1.java SEGV + + S8210425, PR3745: [AArch64] sharedRuntimeTrig/sharedRuntimeTrans + compiled without optimization + + S8224671, PR3745: AArch64: mauve System.arraycopy test + failure + + S8224828, PR3745: aarch64: rflags is not correct after + safepoint poll + + S8224880, PR3745: AArch64: java/javac error with + AllocatePrefetchDistance + * AArch32 port + + [aarch32] fix crash 'guarantee(sect->end() <= tend) failed: + sanity' + + Remove debug output + + S8176100: [aarch32] [REDO][REDO] G1 Needs pre barrier on + dereference of weak JNI handles +- Removed patch: + * aarch64.patch + + not needed any more + +------------------------------------------------------------------- +Fri Jul 5 08:23:43 UTC 2019 - Fridrich Strba + +- Do not fail installation when the manpages are not present + (bsc#1115375) + +------------------------------------------------------------------- +Thu May 2 14:41:23 UTC 2019 - Fridrich Strba + +- Update to version jdk8u212 (icedtea 3.12.0) + * Security fixes + + S8211936, CVE-2019-2602, bsc#1132728: Better String parsing + + S8218453, CVE-2019-2684, bsc#1132732: More dynamic RMI + interactions + + S8219066, CVE-2019-2698, bsc#1132729: Fuzzing TrueType fonts: + setCurrGlyphID() + * New features + + PR3734: Make use of branding options + * Import of OpenJDK 8 u202 build 08 + + S8064811: Use THREAD instead of CHECK_NULL in return + statements + + S8068440: Test6857159.java times out + + S8073139: PPC64: User-visible arch directory and os.arch + value on ppc64le cause issues with Java tooling + + S8073159: improve Test6857159.java + + S8129560: TestKeyPairGenerator.java fails on Solaris because + private exponent needs to comply with FIPS 186-4 + + S8130655: OS X: keyboard input in textfield is not possible + if the window contained textfield is owned by EmbeddedFrame + + S8131051: KDC might issue a renewable ticket even if not + requested + + S8134124: sun/security/tools/jarsigner/warnings.sh fails + when using Hindi locale + + S8139507: WARNING: Could not open/create prefs root node + Software\JavaSoft\Prefs + + S8141421: Various test fail with OOME on win x86 + + S8145788: JVM crashes with -XX:+EnableTracing + + S8155635: C2: Mixed unsafe accesses break alias analysis + + S8156709: Cannot call setSeed on NativePRNG on Mac if EGD is + /dev/urandom + + S8160928: javac incorrectly copies over interior type + annotations to bridge method + + S8161732: [TEST_BUG] Test closed/java/awt/MenuBar/MenuBarPeer/ + /MenuBarPeerDisposeTest.java fails in unix enviroments with + NullPointerException + + S8163083: SocketListeningConnector does not allow + invocations with port 0 + + S8164383: jhsdb dumps core on Solaris 12 when loading dumped + core + + S8170937: Swing apps are slow if displaying from a remote + source to many local displays + + S8174050: Compilation errors with clang-4.0 + + S8182461: IndexOutOfBoundsException when reading indexed + color BMP + + S8183979: Remove Kodak CMS (KCMS) code from Oracle JDK + + S8186098: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh + failed due to libnss3 version cannot be parsed + + S8187218: GSSCredential.getRemainingLifetime() returns + negative value for TTL > 24 days. + + S8191006: hsdis disassembler plugin does not compile with + binutils 2.29+ + + S8191178: [macos] Problem with input of yen symbol + + S8191948: db error: InvalidTypeException: Can't assign + double[][][] to double[][][] + + S8193879: Java debugger hangs on method invocation + + S8194864: Outputs more details for PKCS11 tests if the NSS + lib version cannot be determined + + S8196882: VS2017 Hotspot Defined vsnprintf Function Causes + C2084 Already Defined Compilation Error + + S8200719: Cannot connect to IPv6 host when exists any active + network interface without IPv6 address + + S8201801: RTL language (Hebrew) is presented from left to + right + + S8202264: Race condition in AudioClip.loop() + + S8202557: OpenJDK fails to start in Windows 7 and 8.1 after + upgrading compiler to VC 2017 + + S8204966: [TESTBUG] hotspot/test/compiler/whitebox/ + /IsMethodCompilableTest.java test fails with + -XX:CompileThreshold=1 + + S8205479: OS X: requestFocus() does not work properly for + embedded frame + + S8205965: SIGSEGV on write to NativeCallStack::EMPTY_STACK + + S8206392: [macosx] Cycling through windows (JFrames) does + not work with keyboard shortcut + + S8206911: javax/xml/crypto/dsig/GenerationTests.java fails + in 8u-dev + + S8207060: Memory leak when malloc fails within + WITH_UNICODE_STRING block + + S8207145: (fs) Native memory leak in + WindowsNativeDispatcher.LookupPrivilegeValue0 + + S8207150: Clip.isRunning() may return true after Clip.stop() + was called + + S8207322: Backport GTK3 support on Linux to 8u + + S8207750: Native handle leak in + java.io.WinNTFileSystem.list() + + S8208091: SA: jhsdb jstack --mixed throws + UnmappedAddressException on i686 + + S8208183: update HSDIS plugin license to UPL + + S8208541: non-ASCII characters in hsdis UPL text + + S8208638: Instead of circle rendered in appl window, but + ellipse is produced JEditor Pane + + S8209184: JCK Test Failure due to ResourceBundle + + S8209359: [8u] hotspot needs to recognise cl.exe 19.13 to + build with VS2017. + + S8209863: Add a test to verify that -XX:+EnableTracing works + + S8210350: -Wl,-z,defs JDK 8 build failure + + S8210384: SunLayoutEngine.isAAT() font is expensive on MacOS + + S8210736: jdk/javax/xml/crypto/dsig/GenerationTests.java + slow on linux + + S8210891: Remove unused extutil.h from JDK8u sources + + S8211124: HotSpot update for vm_version.cpp to recognise + updated VS2017 + + S8211150: G1 Full GC not purging code root memory and hence + causing memory leak + + S8211394: CHECK_ must be used in the rhs of an assignment + statement within a block + + S8211909: JDWP Transport Listener: dt_socket thread crash + + S8211933: [8u] hotspot adlc needs to link statically with + libstdc++ for gcc7.3 + + S8212709: Backout backport of JDK-8211394 from jdk 8u-dev + + S8212821: CHECK_ must be used in the rhs of an assignment + statement within a block (round 2) + * Import of OpenJDK 8 u212 build 04 + + S7127191: SA JSDB does not display native symbols correctly + for transported Linux cores + + S8027434: "-XX:OnOutOfMemoryError" uses fork instead of vfork + + S8028254: gc/arguments/TestMinInitialErgonomics.java failed + with unexpected initial heap size + + S8042131: DateTimeFormatterBuilder Mapped-values do not work + for JapaneseDate + + S8043387: java/time/test/java/util/TestFormatter.java failed. + + S8044047: Missing null pointer checks for streams + + S8059038: Create new launcher for SA tools + + S8065749: [TESTBUG]: gc/arguments/TestG1HeapRegionSize.java + fails at nightly + + S8068269: RTM tests that assert on non-zero lock statistics + are too strict in RTMTotalCountIncrRate > 1 cases + + S8076164: [JTextField] When input too long Thai character, + cursor's behavior is odd + + S8076274: [TESTBUG] Remove @ignore from + runtime\NMT\JcmdDetailDiff.java + + S8076458: java/util/stream/test/org/openjdk/tests/java/util/ + /stream/FlatMapOpTest.java timeout + + S8077608: [TESTBUG] Enable Hotspot jtreg tests to run in + agentvm mode + + S8080932: [TEST_BUG] Test + java/awt/BasicStroke/DashStrokeTest.java fails with Bad script + error due to improper @run notation + + S8132136: [PIT] RTL orientation in JEditorPane is broken + + S8132985: Crash in freetypescaler.c due to double free + + S8133108: [PIT] Container size is wrong in JEditorPane + + S8133731: [TEST_BUG] Unmappable in ASCII character such as + Thai should be escaped in the regtests targeted for a regular + non-I18n runs + + S8133802: replace some tags (obsolete in html5) in + security-libs docs + + S8133984: print_compressed_class_space() is only defined in + 64-bit VM + + S8139803: Fix for 8132985 breaks OpenJDK build on windows. + + S8148928: java/util/stream/test/**/SequentialOpTest.java + timed out intermittently + + S8164656: krb5 does not retry if TCP connection timeouts + + S8170681: Remove fontconfig header files from JDK source tree + + S8175120: Remove old tests on kdc timeout policy + + S8180469: Wrong short form text for supplemental Japanese era + + S8180904: Hotspot tests running with -agentvm failing due to + classpath + + S8185975: PPC64: Fix vsldoi interface according to the ISA + + S8187364: Unable to enter zero width non-joiner (ZWNJ) + symbol in Swing text component + + S8189761: COMPANY_NAME, IMPLEMENTOR, BUNDLE_VENDOR, VENDOR, + but no configure flag + + S8193764: Cannot set COMPANY_NAME when configuring a build + + S8195153: [test] runtime/6981737/Test6981737.java shouldn't + check 'java.vendor' and 'java.vm.vendor' properties + + S8200109: NMT: diff_malloc_site assert(early->flags() == + current->flags(), "Must be the same memory type") + + S8200115: System property java.vm.vendor value includes + quotation marks + + S8202088: Japanese new era implementation + + S8204142: AWT hang occurs when sequenced events arrive out + of sequence in multiple AppContexts + + S8205432: Replace the placeholder Japanese era name + + S8206075: On x86, assert on unbound assembler Labels used as + branch targets + + S8206120: Add test cases for lenient Japanese era parsing + + S8207070: Webstart app popup on wrong screen in a one-screen + setup changing to multi-monitor + + S8207152: Placeholder for Japanese new era should be two + characters + + S8207258: Distrust TLS server certificates anchored by + Symantec Root CAs + + S8208480: Test failure: assert(is_bound() || is_unused()) + after JDK-8206075 in C1 + + S8208656: Move java/util/Calendar/CalendarTestScripts tests + into OpenJDK + + S8210633: Cannot parse JapaneseDate string with + DateTimeFormatterBuilder Mapped-values + + S8210647: libsaproc is being compiled without optimization + + S8211106: [windows] Update OS detection code to recognize + Windows Server 2019 + + S8211231: BarrierSetC1::generate_referent_check() confuses + register allocator + + S8211382: ISO2022JP and GB18030 NIO converter issues + + S8211398: Square character support for the Japanese new era + + S8211435: Exception in thread "AWT-EventQueue-1" + java.lang.IllegalArgumentException: null source + + S8211926: Catastrophic size_t underflow in BitMap::*_large + methods + + S8212110: Build of saproc.dll broken on Windows 32 bit after + JDK-8210647 + + S8212178: Soft reference reclamation race in + com.sun.xml.internal.stream.util.ThreadLocalBufferAllocator + + S8212914: Test + javax/imageio/plugins/bmp/BMP8BPPLoadTest.java fails + + S8212941: Support new Japanese era in + java.time.chrono.JapaneseEra + + S8213151: [AIX] Some class library files are missing the + Classpath exception + + S8213154: Update copyright headers of files in src tree that + are missing Classpath exception + + S8213419: C2 may hang in MulLNode::Ideal()/MulINode::Ideal() + with gcc 8.2.1 + + S8213583: Error while opening the JFileChooser when desktop + contains shortcuts pointing to deleted files. + + S8213952: Relax DNSName restriction as per RFC 1123 + + S8213983: [macosx] Keyboard shortcut \u201ccmd +`\u201d + stops working properly if popup window is displayed + + S8213992: Rename and make DieOnSafepointTimeout the + diagnostic option + + S8214061: Buffer written into itself + + S8214189: test/hotspot/jtreg/compiler/intrinsics/mathexact/ + /MulExactLConstantTest.java fails on Windows x64 when run + with -XX:-TieredCompilation + + S8214206: Fix for JDK-8213419 is broken on 32-bit + + S8215364: JavaFX crashes on Ubuntu 18.04 with Wayland while + using Swing-FX interop + + S8215934: G1 Old Gen MemoryPool CollectionUsage.used values + don't reflect mixed GC results + + S8215976: Fix gmtime_r declaration conflicts in zip.cpp with + linux header files + + S8216037: Avoid calling vm_update with a NULL name + + S8216058: [TESTBUG] tools/launcher/VersionCheck.java fails + after JDK-8215992 + + S8216396: Support new Japanese era and new currency code + points in java.lang.Character for Java SE 8 + + S8217305: Missing 0 in java.dll file version cause issues + with patch management software + + S8217432: MetaspaceGC::_capacity_until_GC exceeds + MaxMetaspaceSize + + S8217520: Remove vm.opt.MaxGCPauseMillis == "null" from + TestOldGenCollectionUsage.java + + S8217579: TLS_EMPTY_RENEGOTIATION_INFO_SCSV is disabled + after 8211883 + + S8217609: New era placeholder not recognized by + java.text.SimpleDateFormat + + S8217710: Add 5 currency code points to Java SE 8uX + + S8218613: [TESTBUG] runtime/ErrorHandling tests are building + incorrect testlibrary classes + + S8218915: Change isJavaIdentifierStart and + isJavaIdentifierPart to handle new code points + + S8219636: Windows build failure after JDK-8207070 8u backport + + S8219890: Calendar.getDisplayName() returns empty string for + new Japanese Era on some locales + + S8219961: [ppc64] Increase code size for interpreter + generation. + + S8220397: REGRESSION: JDK-8036003 backport regresses + no_strip builds + + S8220641: [TESTBUG] New test KdcPolicy.java introduced by + JDK-8164656 needs same change as JDK-8190690 + + S8221355: Performance regression after JDK-8155635 backport + into 8u + * Backports + + S8222286, PR3727: Fix for JDK-8213419 is broken on s390 + * Bug fixes + + PR3718: Change policytool.desktop.in category Development to + Settings + + PR3719: Use JRE bin directory in policytool.desktop.in + + PR3722: Use SDK bin directory in jconsole.desktop.in + + PR3723: Use shortened Java version first in Name field of + desktop files + + PR3728: CVE-2018-3639 fix revision to prefer + PR_SPEC_DISABLE_NOEXEC to PR_SPEC_DISABLE + + PR3736: Use https URLs where possible. + * AArch64 port + + S8153172, PR3724: aarch64: hotspot crashes after the 8.1 LSE + patch is merged + + S8213419, PR3724: [AArch64] C2 may hang in + MulLNode::Ideal()/MulINode::Ideal() with gcc 8.2.1 + + S8221220, PR3724: AArch64: Add StoreStore membar explicitly + for Volatile Writes in TemplateTable + * AArch32 port + + S8213419: [AArch32] C2 may hang in + MulLNode::Ideal()/MulINode::Ideal() with gcc 8.2.1 + + S8214189: [AArch32] test/hotspot/jtreg/compiler/intrinsics/ + /mathexact/MulExactLConstantTest.java fails on Windows x64 + when run with -XX:-TieredCompilation +- Modified patch: + * java-1_8_0-openjdk-suse-desktop-files.patch + + rediff to changed context + +------------------------------------------------------------------- +Wed Apr 24 09:47:03 UTC 2019 - Martin Liška + +- Disable LTO (boo#1133135). + +------------------------------------------------------------------- +Tue Mar 5 07:44:21 UTC 2019 - Fridrich Strba + +- Update to version jdk8u201 (icedtea 3.11.0) + * Security fixes + + S8199156: Better route routing + + S8199161: Better interface enumeration + + S8199166: Better interface lists + + S8199552: Update to build scripts + + S8200659: Improve BigDecimal support + + S8203955: Improve robot support + + S8204895: Better icon support + + S8205356: Choose printer defaults + + S8205709: Proper allocation handling + + S8205714: Initial class initialization + + S8206290, CVE-2019-2422, bsc#1122293: Better FileChannel + transfer performance + + S8206295: More reliable p11 transactions + + S8206301: Improve NIO stability + + S8208585: Make crypto code more robust + + S8209094, CVE-2019-2426: Improve web server connections + + S8210094: Better loading of classloader classes + + S8210598: Strengthen Windows Access Bridge Support + + S8210606: Improved data set handling + + S8210610: Improved LSA authentication + + S8210866, CVE-2018-11212, bsc#1122299: Improve JPEG + processing + + S8210870: Libsunmscapi improved interactions + * New features + + PR3667: Use the internal copy of the SunEC library rather + than statically linking against NSS + * Import of OpenJDK 8 u192 build 12 + + S6730115: Fastdebug VM crashes with "ExceptionMark destructor + expects no pending exceptions" error + + S8022177: Windows/MSYS builds broken + + S8026331: hs_err improvement: Print if we have seen any + OutOfMemoryErrors or StackOverflowErrors + + S8026335: hs_err improvement: Print exact compressed oops + mode and the heap base value. + + S8027584: Disable ccache by default + + S8031759: Improved tool overriding in configure + + S8033292: only warn, not fail, on unknown variables in + configure + + S8034199: Add 'reconfigure' target for re-creating a + configuration + + S8034788: Rewrite toolchain.m4 to support multiple toolchains + per platform. + + S8035074: hs_err improvement: Add time zone information in + the hs_err file + + S8035495: Improvements in autoconf integration + + S8035725: Must keep microsoft VS_PATH on PATH after toolchain + detection + + S8035730: Configure fails in cygwin if current dir is in + /home/user + + S8035751: Clean up Visual Studio detection logic + + S8035825: Warn instead of fail when calling the configure + wrapper directly + + S8036003: Add + --with-native-debug-symbols=[none|internal|external|zipped] + + S8038340: Cleanup and fix sysroot and devkit handling on + Linux and Solaris + + S8039030: 9-dev windows-i586 build failed with mktemp: + command not found + + S8041623: Solaris Studio 12.4 C++ 5.13, CHECK_UNHANDLED_OOPS + use of class oop's copy constructor definitions causing error + level diagnostic. + + S8042707: Source changes needed to build JDK 9 with Visual + Studio 2013 (VS2013) + + S8048128: Fix for Solaris Studio C++ 5.13, + CHECK_UNHANDLED_OOPS breaks PPC build. + + S8057538: Build the freetype library during configure on + Windows + + S8067239: [TESTBUG] javax/xml/bind/marshal/8036981/Test.java + failed + + S8069124: runtime/NMT/MallocSiteHashOverflow.java failing in + nightlies + + S8077420: Build failure with SS12u4 + + S8078437: Enable use of devkits for Windows + + S8079788: Fix broken CL version detection in configure for + some Visual Studio configurations + + S8081202: Hotspot compile warning: "Invalid suffix on + literal; C++11 requires a space between literal and identifier" + + S8081323: ConstantPool::_resolved_references is missing in + heap dump + + S8114823: G1 doesn't honor request to disable class unloading + + S8134157: adlc fails to compile with SS12u4 + + S8138692: libjsig compilation is missing EXTRA_CFLAGS on + macosx + + S8140470: javax/xml/crypto/dsig/SecurityManager/ + /XMLDSigWithSecMgr.java failed with AccessControlException + + S8148175: C1: G1 barriers don't preserve FP registers + + S8150426: Wrong cast in metadata_at_put + + S8150688: Fix os_windows siglabel + + S8153194: PreserveFPRegistersTest.java runs out of memory in + the nightlies + + S8156824: com.sun.jndi.ldap.pool.PoolCleaner should clear its + context class loader + + S8158012: Use SW prefetch instructions instead of BIS for + allocation prefetches on SPARC Core C4 + + S8160748: Inconsistent types for ideal_reg + + S8162362: Introduce system property to control enabled + ciphersuites + + S8162540: Crash in C2 escape analysis with assert: "node + should be registered" + + S8165463: Native implementation of sunmscapi should use + operator new (nothrow) for allocations + + S8173013: JVMTI tagged object access needs G1 pre-barrier + + S8176033: New cygwin grep does not match \r as newline + + S8176192: Incorrect usage of Iterator in Java 8 In + com.sun.jndi.ldap.EventSupport.removeNamingListener + + S8178370: [TEST_BUG] + java/security/Signature/SignatureLength.java fails + + S8179079: Incremental HotSpot builds broken on Windows + + S8179675: Build with error on windows with new Cygwin grep + + S8185855: Debug exception stacks should be clearer + + S8186171: HashMap: Entry.setValue may not work after + Iterator.remove() called for previous entries + + S8186646: Nashorn: "duplicate code" assertion when binding a + vararg function that just passes arguments along + + S8188083: NullPointerExcpn-java.awt.image.FilteredImageSource + .startProduction JDK-8079607 + + S8189170: Add option to disable stack overflow checking in + primordial thread for use with JNI_CreateJavaJVM + + S8189760: sun/security/ssl/CertPathRestrictions/ + /TLSRestrictions.java failed with unexpected Exception + intermittently + + S8193171: keytool -list displays "JKS" for a PKCS12 keystore + + S8193758: Update copyright headers of files in src tree that + are missing Classpath exception + + S8194412: Adding 256 units of IsoFields.QUARTER_YEARS broken + + S8194642: Improve OOM error reporting for JDK8 + + S8195095: Images are not scaled correctly in JEditorPane + + S8195738: scroll poistion in ScrollPane is reset after + calling validate() + + S8196108: Add build support for VS 2015/2017 + + S8196880: VS2017 Addition of Global Delete Operator with Size + Parameter Conflicts with Arena's Chunk Provided One + + S8196884: VS2017 Multiple Type Cast Conversion Compilation + Errors + + S8197864: VS2017 (C4334) Result of 32-bit Shift Implicitly + Converted to 64 bits + + S8197868: VS2017 (C2065) 'timezone': Undeclared Identifier in + share/runtime/os.cpp + + S8198304: VS2017 (C4838, C4312) Various conversion issues + with gtest tests + + S8198898: Compilation errors in jdk.crypto.mscapi with VS 2017 + + S8200353: Shift or Capslock not working in Textfield after + accented keystrokes + + S8201240: Improve releasing native resources of + BufImgSurfaceData.ICMColorData + + S8201369: Inet4AddressImpl_getLocalHostName reverse lookup on + Solaris only + + S8202600: [Zero] Undefined behaviour in + src/os_cpu/linux_zero/vm/os_linux_zero.cpp + + S8202696: Remove exclusion range for phonetic chars in + windows fontconfig.properties + + S8203349: 8u hotspot should recognise later Windows compilers + + S8203368: ObjectInputStream filterCheck method throws + NullPointerException + + S8203499: Uninitialised memory in WinAccessBridge.cpp + + S8203790: MSVCP dependency introduced in awt.dll + + S8203845: backport of JDK-8034788 inadvertently rolled back + JDK-8187045 changes to toolchain.m4 + + S8204053: libsaproc.so not linked with -z,noexecstack + + S8204872: [8u] VS2017: more instances of "error C3680: cannot + concatenate user-defined string literals with mismatched + literal suffix identifiers" + + S8205104: EXTRA_LDFLAGS not consistently being used + + S8205440: [8u] DWORD64 required for later Windows compilers + + S8205677: [8u] casts and type change for 8u to enable later + Windows compilers + + S8206425: .gnu_debuglink sections added unconditionally when + no debuginfo is stripped + + S8206454: [8u] os::current_stack_pointer() fails to compile + on later Windows compilers (warning C4172: returning address + of local variable) + + S8206914: add jdk8u-dev test failures to ProblemList.txt + + S8207402: Stray *.debuginfo files when not stripping debug + info + + S8207853: Need to regenerate configure in jdk8u-dev + + S8209002: 8u192 installed exe and dll files have wrong file + version + + S8210423: Backport of 8034788 breaks GCC version detection + + S8210658: Remove and retag jdk8u192-b10 tag in source + repository + + S8210951: Test sun/security/ssl/SSLContextImpl/ + /CustomizedCipherSuites.java fails + * Import of OpenJDK 8 u201 build 8 + + S8027781: New jarsigner timestamp warning is grammatically + incorrect + + S8159805: sun/security/tools/jarsigner/warnings/ + /NoTimestampTest.java fails after JDK-8027781 + + S8171049: Era.getDisplayName doesn't work with + non-IsoChronology + + S8191438: jarsigner should print when a timestamp will expire + + S8201818: [macosx] Printing attributes break page size set + via "java.awt.print.Book" object + + S8205330: InitialDirContext ctor sometimes throws NPE if the + server has sent a disconnection + + S8207775: Better management of CipherCore buffers + + S8208583: Better management of internal KeyStore buffers + + S8209129: Further improvements to cipher buffer management + + S8209862: CipherCore performance improvement + + S8210695: Create test to cover JDK-8205330 InitialDirContext + ctor sometimes throws NPE if the server has sent a + disconnection + + S8211883: Disable anon and NULL cipher suites + + S8213085: (tz) Upgrade time-zone data to tzdata2018g + + S8213368: JDK 8u201 l10n resource file update + + S8213792: Update THIRD_PARTY_README for LCMS to 2.9 + + S8213949: OpenJDK 8 CCharToGlyphMapper.m missing the + Classpath exception license text + + S8214357: JDK 8u201 l10n resource file update md20 + + S8215257: OpenJDK 8 mozilla_compat.js, parser.js missing the + Classpath exception license text + + S8215377: JDK-8171049 Breaks JCK signature tests - + Era.getDisplayName doesn't work with non-IsoChronology + * Backports + + S6424123, PR3696: JVM crashes on failed 'strdup' call + + S8059847, PR3696: complement JDK-8055286 and JDK-8056964 + changes + + S8074859, PR1937: Re-apply warnings as error switch removed + by 8034788 in 8u192 + + S8076475, PR3696: Misuses of strncpy/strncat + + S8145188, PR2945: Re-apply --with-java-debug-symbols option + removed by 8034788 in 8u192 + + S8214059, PR3693: Undefined behaviour in ADLC + + S8217753, PR3685: Enable HotSpot builds on 5.x Linux kernels + * Bug fixes + + PR3667, PR1983: Backed out changeset 48c15869ecd5 + + PR3667, PR1983: Backed out changeset f0635543beb3 + + PR3667, PR2127: Backed out changeset 0ff7720931e8 + + PR3667, PR2815: Backed out changeset 26e2e029ee25 + + PR3667, PR2899: Backed out changeset 9dc0eca5fa89 + + PR3667, PR2934: Backed out changeset 7513dae3426b + + PR3667, PR3479, RH1486025: Backed out changeset 5dcb55da00c1 + + PR3675: Update CVE URL + + PR3683: Addition of 8189170 in 8u192 breaks 8197429 backport + + PR3691: wget not detected by configure + * SystemTap + + PR3341: jstack.stp should support ppc64[le,be] + * AArch64 port + + S8160748, PR3682: [AArch64] Inconsistent types for ideal_reg + + S8189170, PR3682: [AArch64] Add option to disable stack + overflow checking in primordial thread for use with + JNI_CreateJavaJVM + + S8209414, PR3682: [AArch64] method handle invocation does not + respect JVMTI interp_only mode + + S8215951, PR3682: AArch64: jtreg test + vmTestbase/nsk/jvmti/PopFrame/popframe005 segfaults + + S8218185, PR3682: aarch64: missing LoadStore barrier in + TemplateTable::putfield_or_static + + S8219635, PR3682: aarch64: missing LoadStore barrier in + TemplateTable::fast_storefield +- Removed patch: + * icedtea-3.0.1-sunec.patch + + not needed any more + +------------------------------------------------------------------- +Mon Jan 7 07:45:12 UTC 2019 - Fridrich Strba + +- Update to version jdk8u191 (icedtea 3.10.0) + * Security fixes + + S8194534, CVE-2018-3136, bsc#1112142: Manifest better support + + S8194546: Choosier FileManagers + + S8195868: Address Internet Addresses + + S8195874: Improve jar specification adherence + + S8196897: Improve PRNG support + + S8196902, CVE-2018-3139, bsc#1112143: Better HTTP Redirection + + S8199177, CVE-2018-3149, bsc#1112144: Enhance JNDI lookups + + S8199226, CVE-2018-3169, bsc#1112146: Improve field accesses + + S8201756: Improve cipher inputs + + S8202613, CVE-2018-3180, bsc#1112147: Improve TLS connections + stability + + S8202936, CVE-2018-3183, bsc#1112148: Improve script engine + support + + S8203654: Improve cypher state updates + + S8204497: Better formatting of decimals + + S8205361, CVE-2018-3214, bsc#1112152: Better RIFF reading + support + + S8208353, CVE-2018-13785, bsc#1112153: Upgrade JDK 8u to + libpng 1.6.35 + + PR3639, CVE-2018-16435: lcms2: heap-based buffer overflow in + SetData function in cmsIT8LoadFromFile + * New features + + PR3655: Allow use of system crypto policy to be disabled by + the user + * Import of OpenJDK 8 u191 build 12 + + S8033251: Use DWARF debug symbols for Linux 32-bit as default + + S8049834: Two security tools tests do not run with only JRE + + S8074462: Handshake messages can be strictly ordered + + S8130132: jarsigner should emit warning if weak algorithms or + keysizes are used + + S8142927: Feed some text to STDIN in + ProcessTools.executeProcess() + + S8146377: test/sun/security/tools/jarsigner/ + /concise_jarsigner.sh failing + + S8152974: AWT hang occurrs when sequenced events arrive out + of sequence + + S8158887: sun/security/tools/jarsigner/concise_jarsigner.sh + timed out + + S8164480: Crash with assert(handler_address == + SharedRuntime::compute_compiled_exc_handler(..) failed: Must + be the same + + S8168628: (fc) SIGBUS when extending file size to map it + + S8171452: (ch) linux io_util_md: Operation not supported + exception after 8168628 + + S8172529: Use PKIXValidator in jarsigner + + S8180289: jarsigner treats timestamped signed jar invalid + after the signer cert expires + + S8189762: [TESTBUG] Create tests for JDK-8146115 container + awareness and resource configuration + + S8190674: sun/security/tools/jarsigner/TimestampCheck.java + failed with java.nio.file.NoSuchFileException: ts2.cert + + S8193892: Impact of noncloneable MessageDigest implementation + + S8196663: [TESTBUG] test/compiler/loopopts/ + /TestCMovSplitThruPhi.java fails on 32 bit Java + + S8197518: Kerberos krb5 authentication: AuthList's put method + leads to performance issue + + S8202478: Backout JDK-8152974 + + S8204667: Resources not freed on exception + + S8206916: Remove jdk8u181-b31 tag from jdk8u181/corba repo + + S8206916: Remove jdk8u181-b31 tag from jdk8u181/hotspot repo + + S8206916: Remove jdk8u181-b31 tag from jdk8u181/jaxp repo + + S8206916: Remove jdk8u181-b31 tag from jdk8u181/jaxws repo + + S8206916: Remove jdk8u181-b31 tag from jdk8u181/jdk repo + + S8206916: Remove jdk8u181-b31 tag from jdk8u181/langtools repo + + S8206916: Remove jdk8u181-b31 tag from jdk8u181/nashorn repo + + S8206916: Remove jdk8u181-b31 tag from jdk8u181 repo + + S8207336: Build failure in JDK8u on Windows after fix 8207260 + + S8208350: Disable all DES cipher suites + + S8208660: JDK 8u191 l10n resource file update + + S8208754: The fix for JDK-8194534 needs updates + + S8210431: Complete backport of libpng 1.6.35 TPRM + + S8211107: LDAPS communication failure with jdk 1.8.0_181 + + S8211731: Reconsider default option for ClassPathURLCheck + change done in JDK-8195874 + * Backports + + PR3646: Backed out changeset 6e3f4784affc + (S4890063/PR2304/RH1214835) + + S8029661, PR3642, RH1477159: Support TLS v1.2 algorithm in + SunPKCS11 provider + + S8131048, PR3574, RH1498936: ppc implement CRC32 intrinsic + + S8164920, PR3574, RH1498936: ppc: enhancement of CRC32 + intrinsic + + S8172850, PR3643, RH1640127: Anti-dependency on membar causes + crash in register allocator due to invalid instruction + scheduling + + S8202261, PR3638: (fc) FileChannel.map and + RandomAccessFile.setLength should not preallocate space + + S8209639, PR3643, RH1640127: assert failure in coalesce.cpp: + attempted to spill a non-spillable item + * Bug fixes + + PR3653: Detect whether -Xprefer:source and -J-Xmx can + be used, rather than assuming + + PR3673: Alternate HotSpot builds need fix for PR3094 + * SystemTap + + PR3625: arc_priority representation creates an implicit limit + on character sequence within regexp + * Shenandoah + + PR3634: Shenandoah still broken on s390 with + aarch64-shenandoah-jdk8u181-b16 + + [backport] Adaptive CSet selection overshoots max-CSet + + [backport] Adaptive CSet selection selects excessively when + memory is tight + + [backport] Adaptive/Traversal heuristics rewrite for + allocation rate + + [backport] Added logging for the number of workers used for + GC cycles + + [backport] Add task termination and enhanced task queue state + tracking + weakrefs + + [backport] Allocation path should not touch GC barriers for + metadata + + [backport] Allocation tracker should really report bytes + + [backport] AlwaysPreTouch fails with non-default ConcGCThreads + + [backport] Application pacing precision fixes + + [backport] Apply ShenandoahEvacOOMScope only for evac-taking + paths in ShenandoahBarrierSet + + [backport] Assembler write barriers should consistently check + for forwarded objects + + [backport] Avoid indirection to next-mark-context + + [backport] Avoid using uintx in ShenandoahHeapRegion + + [backport] C1 shenandoah_wb expects obj in a register + + [backport] Check and ensure that Shenandoah-enabled + compilations succeed + + [backport] Check heap stability in C1 WBs + + [backport] ClassUnloadingWithConcurrentMark should be opt-in + with Shenandoah + + [backport] Clean up obsolete c2 code + + [backport] Cleanup: remove unused root processor's sub tasks + + [backport] Cleanup UseShenandoahOWST blocks + + [backport] CollectedHeap::max_tlab_size is measured in words + + [backport] Complete liveness for recently allocated regions + outside the allocation path + + [backport] Comprehensible GC trigger logging + + [backport] Concurrent uncommit should be recorded as GC event + + [backport] Constify ShHeapRegionSet and ShCollectionSet + + [backport] Convert magic value to ShenandoahPacingSurcharge + + [backport] Default to ShenandoahCodeRootsStyle = 2 + + [backport] Degenerated evacuation + + [backport] Disable UseFastJNIAccessors for Shenandoah + + [backport] Elastic TLABs support for Shenandoah + + [backport] Enable ShenandoahEvacReserveOverflow by default + + [backport] Evac assist should touch marked objects only + + [backport] Evac reserve: make sure GC has untouchable space + to move the objects into + + [backport] EvilSyncBug test is too slow + + [backport] Explicit GC should actually uncommit the heap + + [backport] Exponential backoff with pacing + + [backport] Fix aarch64 CAS predicates + + [backport] Fix CAS-obj predicates and add + expected-null-versions for cmpxchg-narrow-oop + + [backport] Fixed SA due to code refactoring and merging + + [backport] Fix Minimal and Zero builds + + [backport] Fix ShHeap::notify_alloc usages: it accepts words, + not bytes + + [backport] Fix TestCommonGCLoads test + + [backport] Fix TestFullGCALot test failure + + [backport] Fix TestGCThreadGroups test + + [backport] Forceful SATB buffer flushes should be + time-periodic, not traffic-dependent + + [backport] Full GC always comes with liveness data + + [backport] Full GC should not always update references + + [backport] GCLAB slowpath allocations should fit the object + into GCLAB + + [backport] GC trace messages have to be immortal + + [backport] Handle missing ShenandoahWriteBarrierRB case + + [backport] Heap region count selection should only consider + max heap size + + [backport] Hook up GCLABs to Elastic LAB support + + [backport] Improve scheduling and interleaving of SATB + processing in mark loop + + [backport] Including metaspace info when reporting heap info + + [backport] Incorrect label for static heuristics + + [backport] Make in-cset checks use signed bytes to match C2 + better + + [backport] Micro-optimize AArch64 assembly write-barriers + + [backport] Missing Shenandoah entry in GCNameHelper::to_string + + [backport] More detailed pacing histogram + + [backport] More verbose profiling for phase 4 in mark-compact + + [backport] Move heuristics from ShCollectorPolicy to ShHeap + + [backport] Move (Java)Thread::_gc_state to lower offset to + optimize barrier fast-path encoding + + [backport] Move ParallelCodeIterator to ShenandoahCodeRoots + + [backport] Move periodic GC decision making to GC heuristics + base class + + [backport] Move Shenandoah stress tests to tier3 + + [backport] Non-cancellable mark loops should have sensible + stride + + [backport] Off-by-one error in degen progress calculation + + [backport] Only Java and GC worker threads should get GCLABs + + [backport] Out-of-cycle Degenerated GC should process + references and unload classes + + [backport] Pacer for evacuation should print "Avail" to + capture discounting + + [backport] Pacer should account actual size for elastic TLABs + + [backport] Parallel +AlwaysPreTouch should run with max + workers + + [backport] Passive heuristics should enter degen GC, not full + GC + + [backport] Perform gc-state checks with LoadB to fit C2 + matchers + + [backport] Pre-filter oops before enqueing them in SBS + slowpaths + + [backport] Print task queue statistics at the end of GC cycle + + [backport] Process remaining SATB buffers in final + mark/traverse loop instead of separate phase + + [backport] Proper units for allocation failure messages + + [backport] Prune undefined and unused methods + + [backport] Purge partial heuristics and connection matrix + infrastructure + + [backport] Purge support for + ShenandoahConcurrentEvacCodeRoots and ShenandoahBarriersForConst + + [backport] Rearrange Shenandoah tests into 3 tiers + + [backport] Reclaim immediate garbage after mark-compact + marking + + [backport] Recycle the regions only once + + [backport] Refactor alive-closures to deal better with new + marking contexts + + [backport] Refactor allocation path to accept + ShenandoahAllocRequest tuple + + [backport] Refactor and improve ShenandoahCodeRoots strategies + + [backport] Refactor FreeSet logging: support evac-reserve, + denser printouts + + [backport] Refactor gc+init logging + + [backport] Refactoring ShenandoahStrDedupStress test to + reduce test time + + [backport] Refactor to group marking bitmap and TAMS + structure in one class ShenandoahMarkingContext + + [backport] Remove C2 write-barrier from .ad files + + [backport] Removed racy assertion + + [backport] Remove NMethodSizeLimit adjustment for Shenandoah + + [backport] Remove obsolete/unused logging usages + + [backport] Remove safe_equals() + + [backport] Remove ShHeuristics::print_threshold + + [backport] Rename and move ShenandoahPrepareForMarkClosure + + [backport] Rename "cancel_concgc" to "cancel_gc" + + [backport] Replace custom asserts with shenandoah_assert_* + + [backport] Replace risky SBS::need_update_refs_barrier with + straightforward check + + [backport] Replace ShBarrierSet* casts with accessor + + [backport] Report actual free size in non-verbose FreeSet + status + + [backport] Report heap region stats in proper units + + [backport] Resettable iterators to avoid dealing with + copying/assignment compilation differences + + [backport] Reshuffle tests: verify STW GC is working first, + then verify under aggressive, then the rest + + [backport] Rework ClassUnloading* flags handling + + [backport] Rework GC degradation on allocation failure + + [backport] SATB buffer filtering/compaction hides unmarked + objects until final-mark + + [backport] shenandoah_assert_correct should check + object/forwardee klasses + + [backport] shenandoah_assert_correct should verify classes + before claiming _safe_oop + + [backport] Shenandoah changes to allow enabling -Wreorder + + [backport] Shenandoah/PPC barrier stubs + + [backport] Shenandoah string deduplication + + [backport] SH::make_(tlabs)_parsable() should work correctly + with/without TLABs + + [backport] Shortcut regions that are known not to be alive + + [backport] Should cleanup previous/bad versions of redefined + classes during full gc + + [backport] Skip RESOLVE in SATBBufferClosure if no forwarded + objects are in heap + + [backport] Soft-refs policy needs reliable heap usage data + after the GC cycle + + [backport] Soft refs should be purged reliably on allocation + failure, or with compact heuristics + + [backport] Some trivial-ish cleanups + + [backport] Split write barrier paths for mutator and GC + workers + + [backport] StringInternCleanup times out + + [backport] TestHeapDump runs much faster with small heap + + [backport] Tests should use -XX:+ShenandoahVerify in some + OOM-evac configurations + + [backport] TLAB sizing policy should converge faster with + Shenandoah + + [backport] Trace and report total allocation latency and sizes + + [backport] Traversal should resize TLABs + + [backport] Trivial enhancement to avoid costly deletion array + element + + [backport] Uncommit should relinquish the heap lock regularly + + [backport] Unreachable assert in + ShenandoahCodeRoots::acquire_lock + + [backport] Verifier should dump raw memory around the + problematic oops + + [backport] Verify global and local gc-state status + + [backport] VSC++ requires space(s) in between two string + literals + + [backport] WB slowpath should assist with evacuation of + adjacent objects + + [backport] Wiring GC events to JFR + Restore heap occupancy + in GC logs after JFR changes + + [backport] Wiring heap and metaspace info to JFR + + [backport] Wrap worker id in thread local worker session + + [backport] -XX:-UseTLAB should disable GCLABs too + + Cleanup undeclared methods in barrier stubs + + Disable evac assist by default until bugfixes arrive + + Fix build failure: signedness mismatch in assert + + Fix MacOS/Clang build failure + + Fix x86_32 build + + JDK8u: Silence compilation warnings on implicit type + conversion + + Move JNI Weak References workaround to Shenandoah-specific + root processor + + Fix code differences against shenandoah/jdk8u + * AArch64 port + + S8155627, PR3651: Enable SA on AArch64 + + S8207838, PR3666: AArch64: Float registers incorrectly + restored in JNI call + + S8209415, PR3666: Fix JVMTI test failure HS202 + + S8211064, PR3666: [AArch64] Interpreter and c1 don't + correctly handle jboolean results in native calls + +------------------------------------------------------------------- +Fri Sep 28 05:15:18 UTC 2018 - Fridrich Strba + +- Update to version jdk8u181 (icedtea 3.9.0) + * Security fixes + + S8191239: Improve desktop file usage + + S8193419: Better Internet address support + + S8197871, CVE-2018-2938, bsc#1101644: Support Derby + connections + + S8197925, CVE-2018-2940, bsc#1101645: Better stack walking + + S8199547, CVE-2018-2952, bsc#1101651: Exception to Pattern + Syntax + + S8200666, CVE-2018-2973, bsc#1101656: Improve LDAP support + + PR3607, CVE-2018-3639: hw: cpu: speculative store bypass + mitigation + * New features + + PR3623: Allow Shenandoah to be used on all architectures + + PR3624: Sync desktop files with Fedora/RHEL versions again + + PR3628: Install symlinks to tapsets in SystemTap directory + * Import of OpenJDK 8 u172 build 11 + + S8031304: Add dcmd to print all loaded dynamic libraries. + + S8044107: Add Diagnostic Command to list all ClassLoaders + + S8055755: Information about loaded dynamic libraries is wrong + on MacOSX + + S8059036: Implement Diagnostic Commands for heap and + finalizerinfo + + S8130400: Test java/awt/image/DrawImage/ + /IncorrectClipXorModeSurface2Surface.java fails with + ClassCastException + + S8136356: Add time zone mappings on Windows + + S8139673: NMT stack traces in output should show mtcomponent + + S8147542: ClassCastException when repainting after display + resolution change + + S8154017: Shutdown hooks are racing against shutdown + sequence, if System.exit()-calling thread is interrupted + + S8165466: DecimalFormat percentage format can contain + unexpected % + + S8166772: Touch keyboard is not shown for text components on + a screen touch + + S8169424: src/share/sample/scripting/scriptpad/src/scripts/ + /memory.sh missing #! + + S8170358: [REDO] 8k class metaspace chunks misallocated from + 4k chunk Freelist + + S8170395: Metaspace initialization queries the wrong chunk + freelist + + S8176072: READING attributes are not available on TSF + + S8177721: Improve diagnostics in + sun.management.Agent#startAgent() + + S8177758: Regression in java.awt.FileDialog + + S8183504: 8u131 Win 10, issue with wrong position of Sogou + IME popup + + S8184991: NMT detail diff should take memory type into account + + S8187331: VirtualSpaceList tracks free space on wrong node + + S8187629: NMT: Memory miscounting in compiler (C2) + + S8187658: Bigger buffer for GetAdaptersAddresses + + S8187685: NMT: Tracking compiler memory usage of thread's + resource area + + S8187803: JDK part of JavaFX-Swing dialogs appearing behind + main stage + + S8187985: Broken certificate number in debug output + + S8188855: Fix VS10 build after "8187658: Bigger buffer for + GetAdaptersAddresses" + + S8189599: InitialBootClassLoaderMetaspaceSize and + CompressedClassSpaceSize should be checked consistent from + MaxMetaspaceSize + + S8189646: sun/security/ssl/SSLSocketImpl/ + /SSLSocketCloseHang.java failed with + "java.net.SocketTimeoutException: Read timed out" + + S8190442: Backout changes for JDK-8087291 from 8u-dev as it + didn't use main CR id + + S8190690: Impact on krb5 test cases in the 8u-CPU nightly + + S8191969: javac produces incorrect + RuntimeInvisibleTypeAnnotations length attribute + + S8192987: keytool should remember real storetype if it is not + provided + + S8193156: Need to backout fixes for JDK-8058547, JDK-8055753, + JDK-8085903 + + S8193807: Avoid UnsatisfiedLinkError on AIX by providing + empty basic implementations of getSystemCpuLoad and + getProcessCpuLoad + * Import of OpenJDK 8 u181 build 13 + + S8038636: speculative traps break when classes are redefined + + S8051972: sun/security/pkcs11/ec/ReadCertificates.java fails + intermittently + + S8055008: Clean up code that saves the previous versions of + redefined classes + + S8057570: RedefineClasses() tests fail + assert(((Metadata*)obj)->is_valid()) failed: obj is valid + + S8074373: NMT is not enabled if NMT option is specified after + class path specifiers + + S8076117: EndEntityChecker should not process custom + extensions after PKIX validation + + S8156137: SIGSEGV in ReceiverTypeData::clean_weak_klass_links + + S8157898: SupportedDSAParamGen.java failed with timeout + + S8169201: Montgomery multiply intrinsic should use correct + name + + S8170035: When determining the ciphersuite lists, there is no + debug output for disabled suites. + + S8176183: sun/security/mscapi/SignedObjectChain.java fails on + Windows + + S8187045: [linux] Not all libraries in the VM are linked with + -z,noexecstack + + S8187635: On Windows Swing changes keyboard layout on a + window activation + + S8188223: IfNode::range_check_trap_proj() should handler + dying subgraph with single if proj + + S8196224: Even better Internet address support + + S8196491: Newlines in JAXB string values of SOAP-requests are + escaped to " " + + S8196854: TestFlushableGZIPOutputStream failing with + IndexOutOfBoundsException + + S8197943: Unable to use JDWP API in JDK 8 to debug JDK 9 VM + + S8198605: Touch keyboard is shown for a non-focusable text + component + + S8198606: Touch keyboard does not hide, when a text component + looses focus + + S8198794: Hotspot crash on Cassandra 3.11.1 startup with + libnuma 2.0.3 + + S8199406: Performance drop with Java JDK 1.8.0_162-b32 + + S8199748: Touch keyboard is not shown, if text component gets + focus from other text component + + S8200359: (tz) Upgrade time-zone data to tzdata2018d + + S8201433: Fix potential crash in BufImg_SetupICM + + S8202585: JDK 8u181 l10n resource file update + + S8202996: Remove debug print statements from RMI fix + + S8203233: (tz) Upgrade time-zone data to tzdata2018e + + S8203368: ObjectInputStream filterCheck method throws + NullPointerException + + S8204874: Update THIRDPARTYREADME file + + S8205491: adjust reflective access checks + * Backports + + S8008321, PR3599: compile.cpp verify_graph_edges uses bool as + int + + S8064786, PR3601: Fix debug build after 8062808: Turn on the + -Wreturn-type warning + + S8075942, PR3602, RH1582032: ArrayIndexOutOfBoundsException + in sun.java2d.pisces.Dasher.goTo + + S8146115, PR3508, RH1463098: Improve docker container + detection and resource configuration usage + + S8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26 + + S8203182, PR3603: Release session if initialization of + SunPKCS11 Signature fails + + S8206406, PR3610, RH1597825: StubCodeDesc constructor + publishes partially-constructed objects on StubCodeDesc::_list + + S8207057, PR3613: No debug info for assembler files + * Bug fixes + + PR3597: Potential bogus -Wformat-overflow warning with + -Wformat enabled + + PR3600: jni_util.c does not import header file which declares + getLastErrorString + + PR3601: Fix additional -Wreturn-type issues introduced by + 8061651 + + PR3630: Use ${datadir} when specifying default tz.properties + location + + PR3632: IcedTea installing symlinks to SystemTap directory + rather than individual tapsets + * AArch64 port + + S8207345, PR3626: Trampoline generation code reads from + uninitialized memory + * Shenandoah + + PR3619: Shenandoah broken on s390 + + PR3620: Shenandoah broken on ppc64 + + Allocation failure injection machinery + + [backport] AArch64 shenandoah_store_check should read + evacuation_in_progress as byte + + [backport] Account trashed regions from coalesced CM-with-UR + + [backport] Adaptive collection set selection in adaptive + policy + + [backport] Adaptive heuristics accounts trashed cset twice + + [backport] Adapt upstream object pinning API + + [backport] Add comments in shenandoah_store_check on direct + heap field use + + [backport] Added diagnostic flag ShenandoahOOMDuringEvacALot + + [backport] Added missing header file for non-PCH build + + [backport] Add missing barrier in C1 NIOCheckIndex intrinsic + + [backport] Add new pinned/cset region state for + evac-failure-path + + [backport] Add ShenandoahRootProcessor API to report threads + while scanning roots + + [backport] Add test to verify Shenandoah is not enabled by + default, and enabled with the flag + + [backport] Add -XX:+ShenandoahVerify to more interesting tests + + [backport] AESCrypt.implEncryptBlock/AESCrypt.implDecryptBlock + intrinsics assume non null inputs + + [backport] Allow use of fp spills around write barrier + + [backport] Arraycopy fixes (tests and infrastructure) + + [backport] Assert Shenandoah-specific safepoints instead of + generic ones + + [backport] Asynchronous region recycling + + [backport] Avoid notifying about zero waste + + [backport] barrier moved due to null checks needs to always + fix memory edges + + [backport] Basic support for x86_32: build and run in STW + configuration + + [backport] Bitmap based ShHeapRegionSet + + [backport] Break heuristics out from ShCollectorPolicy into + their own source files + + [backport] C2 should use heapword-sized object math + + [backport] Check BS type in immByteMapBase predicate + + [backport] Cleanup allocation tracking in heuristics + + [backport] Cleanup and refactor Full GC code + + [backport] Cleanup and strengthen BrooksPointer verification + + [backport] Clean up dead code + + [backport] Cleanup: removed unused code + + [backport] Cleanup reset_{next|complete}_mark_bitmap + + [backport] Cleanup SHH::should_start_normal_gc + + [backport] "Compact" heuristics for dense footprint scenarios + + [backport] Compact heuristics should not shortcut on + immediate garbage, but aggressively compact + + [backport] Conditionalize PerfDataMemorySize on enabled heap + sampling + + [backport] Consistent liveness for humongous regions + + [backport] Control loop should wait before starting another + GC cycle + + [backport] Critical native tests should only be ran on x86_64 + platforms + + [backport] Degenerated GC + + [backport] Degenerated GC: rename enum, report degen reasons + in stats + + [backport] Demote ShenandoahAllocImplicitLive to diagnostic + + [backport] Demote warning message about OOM-during-evac to + informational + + [backport] Denser ShHeapRegion status line + + [backport] Disable verification from non-Shenandoah VMOps. + + [backport] Disallow pinned_cset region moves and allocations + during Full GC + + [backport] Disambiguate "upgrade to Full GC" GCause + + [backport] Do not add non-allocatable regions to the freeset + + [backport] Don't treat allocation regions implicitely live + during some GCs + + [backport] Double check for UseShenandoahGC in WB expand + + [backport] Drop distinction between immediate garbage and + free in heuristics + + [backport] Dynamic worker refactoring + + [backport] Eagerly drop CSet state from regions during Full GC + + [backport] Eliminate write-barrier assembly stub (part 1) + + [backport] Enable biased locking for Shenandoah by default + + [backport] Ensure tasks use correct number of workers + + [backport] Excessive assert in ShHeap::mark_next + + [backport] Excessive asserts in marked_object_iterate + + [backport] FinalEvac pause to turn off evacuation + + [backport] Fix || and && chaining warnings in memnode.cpp + + [backport] Fix broken asserts in ShenandoahSharedEnumFlag + + [backport] Fixed code roots scanning that might be bypassed + during degenerated cycle + + [backport] Fixed compilation error of libTestHeapDump.c on + Windows with VS2010 + + [backport] Fixed missing ResourceMark in + ShenandoahAsserts::print_obj + + [backport] Fixed pinned region handling in mark-compact + + [backport] Fix (external) heap iteration + TestHeapDump + should unlock aggressive heuristics + + [backport] fix for alias analysis with + ShenandoahBarriersForConst + + [backport] Fix/improve CLD processing + + [backport] Fixing Windows and ARM32 build + + [backport] Fix Mac OS build warnings + + [backport] Fix Minimal VM build + + [backport] Fix ShFreeSet boundary case + + [backport] fix TCK crash with shenandoah + + [backport] Forcefully update counters when GC cycle is running + + [backport] FreeSet and HeapRegion should have the reference + to ShenandoahHeap + + [backport] FreeSet refactor: bitmaps, cursors, biasing + + [backport] FreeSet should accept responsibility over trashed + regions + + [backport] FreeSet should report its internal state + before/after GC cycle + + [backport] Full GC should compact humongous regions + + [backport] Full GC should not trash empty regions + + [backport] GC state testers (infra) + + [backport] Generic verification is possible only at + Shenandoah safepoints + + [backport] Get easy on template instantiations in ShConcMark + + [backport] Heap region sampling should publish region states + + [backport] Humongous regions should support explicit pinning + + [backport] Immediate garbage ratio should not go over 100% + + [backport] Implement flag to generate write-barriers without + membars + + [backport] Implement protocol for safe OOM during evacuation + handling + Use jint in oom-evac-handler to match older JDKs + Atomic support better + Missing OOMScope in + ShenandoahFixRootsTask + + [backport] Improve assertion/verification messages a bit + + [backport] Improve/more detailed timing stats for root queue + work + + [backport] Incorrect constant folding with final field and + -ShenandoahOptimizeFinals + + [backport] Increase test timeouts + + [backport] Introduce assert_in_correct_region to verify + object is in correct region + + [backport] Isolate shenandoahVerifier from stray headers + + [backport] keep read barriers for final instance/stable field + accesses + + [backport] Keep track of per-cycle mutator/collector allocs. + Fix mutator/collector alloc region overlap in traversal. + + [backport] Little cleanup + + [backport] Log message on ref processing, class unload, + update refs for mark events + + [backport] LotsOfCycles test timeouts + + [backport] Make concurrent precleaning log message optional + again + + [backport] Make control loop more responsive under allocation + pressure + + [backport] Make degenerated update-refs use region-set cursor + to hand over work + + [backport] Make heap counters update completely asynchronous + + [backport] Make major GC phases exclusive from each other + + [backport] Make sure selective barriers enabling/disabling + works + + [backport] Make sure -XX:+ShenandoahVerify comes first in the + tests + + [backport] Mark bitmap slices commit/uncommit + Aggregated + bitmap slicing + + [backport] Match barrier fastpath checks better + + [backport] Minor cleanups + + [backport] Minor cleanup, uses latest Atomic API + + [backport] Move barriers into typeArrayOop.hpp direct memory + accessors + + [backport] Move ShHeap::used increment out of locked + allocation path + + [backport] No need for fence in control loop: flags are now + ShSharedVariables + + [backport] Only report GC pause time to GC MXBean + Re-fix + memory managers and memory pools usage and pause reporting + + [backport] Optimize fwdptr region handling in + ShenandoahVerifyOopClosure::verify_oop + + [backport] Optimize oop/fwdptr/hr_index verification a bit + + [backport] overflow integer during size calculation + + [backport] Pacer should account allocation waste and + unsuccessful pacing in the budget + + [backport] Pacer should poll FreeSet to figure out actually + available space + + [backport] Passive should opt-in the barriers, not opt-out + + [backport] Pauses that do not affect heap occupancy should + not report heap + + [backport] Print message when heuristics changes the setting + ergonomically + + [backport] Protect C2 matchers with UseShenandoahGC + + [backport] Provide non-taxable allocation slack at the + beginning of the cycle + + [backport] Record cycle start/end to avoid continuous + periodic GC + + [backport] Record Shenandoah events in hs_err events section + + [backport] Refactor allocation failure and explicit GC + handling + + [backport] Refactor allocation metadata handling + + [backport] Refactor FreeSet rebuilding into the single source + + [backport] Refactoring GC phase and heap allocation tracking + out of policy + + [backport] Refactor uncommit handling: react on explicit GCs, + feature kill flag, etc + + [backport] Refactor worker timings into ShenandoahPhaseTimings + + [backport] ReferenceProcessor is_alive setup is racy + + [backport] Region sampling should lock while gathering region + data + + [backport] Rehash VMOperations and cycle driver mechanics for + consistency + + [backport] Relax assert in SBS::is_safe() + + [backport] Remove BS:is_safe in favor of logged + BS::verify_safe_oop + + [backport] Remove CSetThreshold handling from heuristics + + [backport] Remove FreeSet::add_region, inline into + FreeSet::rebuild + + [backport] Remove obsolete check in FreeSet::allocate + + [backport] Remove ShenandoahGCWorkerPerJavaThread flag + + [backport] Remove ShenandoahMarkCompactBarrierSet + + [backport] Rename and cleanup _regions and _free_set uses + + [backport] Rename dynamic heuristics to static + + [backport] Rename *_oop_static/oop_ref to *_forwarded + + [backport] Rename ShenandoahConcurrentThread to + ShenandoahControlThread + + [backport] Report all GC status flags in hs_err + + [backport] Report fwdptr size in JNI GetObjectSize + + [backport] Report how much we have failed to allocate during + Allocation Failure + + [backport] Report illegal transitions verbosely, and remove + some no-op transitions + + [backport] Rewire control loop to avoid double cleanup work + + [backport] Rework shared bool/enum flags with proper types + and synchronization + + [backport] Rewrite and fix + ShenandoahHeap::marked_object_iterate + + [backport] Rich assertion failure logging + + [backport] Roots verification should take the special roots + first + + [backport] RP closures should accept NULL referents + + [backport] Set ShenandoahMinFreeThreshold default to 10% + + [backport] Setup process references and class unloading once + before the cycle + + [backport] ShConcurrentThread races with set_gc_state_bit + + [backport] Shenandoah critical native support + + [backport] Shenandoah region/set iterators should not allow + copying + + [backport] Shenandoah SA implementation + + [backport] Shenandoah/SPARC barrier stubs + + [backport] ShenandoahVerifyOptoBarriers should not fail with + disabled barriers + + [backport] ShenandoahWriteBarrierNode::find_bottom_mem() fix + + [backport] ShenandoahWriteBarrierRB flag to conditionally + disable RB on WB fastpath + + [backport] Shenandoah/Zero barrier stubs + + [backport] SieveObjects test is too hostile to verification + + [backport] Single GCTimer shared by all operations + + [backport] Single thread-local GC state flag for all barriers + + [backport] Some smallish ShHeapRegionSet changes + + [backport] Speed up asserts and verification, improve + fastdebug builds performance + + [backport] Split live data management for allocations and GCs + + [backport] Static heuristics should be really static and + report decisions + + [backport] Static heuristics should use non-zero allocation + threshold + + [backport] Store checks should run most of the time + + [backport] Tax-and-Spend allocation pacing + + [backport] Testbug: VerifyJCStressTest leaks memory + + [backport] TestSelectiveBarrierFlags should accept + multi-element flag selections + + [backport] TestSelectiveBarrierFlags times out due to too + aggressive compilation mode + + [backport] Trim/expand test heap sizes to fit small heaps + + [backport] Trim the TLAB sizes to avoid wasteful retirement + under TLAB races + + [backport] Use leftmost region in GC allocations + + [backport] Use os::naked_short_sleep instead of naked Thread + events for sleeping + + [backport] Use/sort (cached) RegionData not + ShenandoahHeapRegionSet (infrastructure) + + [backport] UX: Cleanup (adaptive) CSet selection message + + [backport] UX: Pacer reports incorrect free size + + [backport] UX: Shorter gc+ergo messages from CSet selection + + [backport] Verifier crashes when reporting multiple + forwardings + + [backport] Verifier should check klass pointers before + attempting to reach for object size + + [backport] Verifier should print verification label at + liveness verification + + [backport] Verify fwdptr accesses during Full GC moves + + [backport] Verify regions status + + [backport] When Shenandoah WB is moved out of loop, connect + it to correct loop memory Phi (back out and revisit previous fix) + + [backport] Wipe out ShenandoahStoreCheck implementation + + [backport] Workaround C1 ConstantOopWriteValue bug + + Bitmap size might not be page aligned when large page is used + + Changed claim count to jint + + Cherry-pick JDK-8173013: JVMTI tagged object access needs G1 + pre-barrier + + Defer cleaning of system dictionary and friends to parallel + cleaning phase + + Do not put down update-refs-in-progress flag concurrently + + Fix AArch64 build failure: misplaced #endif + + Fixed Shenandoah 8u build + + Fixed Windows build + + Fix non-PCH build + + Fix non-PCH x86_32 build + + Fix up SPARC and Zero headers for proper locations + + missing barriers in String intrinsics with + -ShenandoahOptimizeInstanceFinals + -ShenandoahOptimizeStableFinals + + Missing event log for canceled GC + + StringInternCleanup times out + + VerifyJCStressTest should test all heuristics + + Workaround VM crash with JNI Weak Refs handling +- Removed patches: + * 8038636.patch, 8051972.patch, 8055008.patch, 8074373.patch, + 8076117.patch, 8157898.patch, 8169201.patch, 8170035.patch, + 8176183.patch, 8187635.patch, 8188223.patch, 8191239.patch, + 8193419.patch, 8196224.patch, 8196491.patch, 8196854.patch, + 8197871.patch, 8197925.patch, 8197943.patch, 8198794.patch, + 8199406.patch, 8199547.patch, 8200359.patch, 8200666.patch, + 8201433.patch, 8202585.patch, 8202996.patch, 8203233.patch, + 8203368.patch, 8205491.patch + + Not needed any more +- Modified patch: + * java-1_8_0-openjdk-suse-desktop-files.patch + - Rediff to changed context +- Do not run standalone TestECDSA, since it is already run during + the build + +------------------------------------------------------------------- +Wed Sep 26 05:39:58 UTC 2018 - Fridrich Strba + +- Removed patch: + * s390-java-opts.patch + - Not needed any more + +------------------------------------------------------------------- +Sun Sep 23 06:22:07 UTC 2018 - Fridrich Strba + +- Added patch: + * icedtea-3.8.0-s390.patch + + Fix out-of-memory problem with bootstrap javac on s390 + + Allows builds of OpenJDK 8 on s390 again (bsc#1106812) + +------------------------------------------------------------------- +Wed Sep 19 08:36:31 UTC 2018 - Fridrich Strba + +- Backport Oracle July 2018 CPU +- Added security fixes: + * 8197871.patch + + S8197871: Support Derby connections (CVE-2018-2938, + bsc#1101644) + * 8197925.patch + + S8197925: Better stack walking (CVE-2018-2940, bsc#1101645) + * 8199547.patch + + S8199547: Exception to Pattern Syntax (CVE-2018-2952, + bsc#1101651) + * 8200666.patch + + S8200666: Improve LDAP support (CVE-2018-2973, bsc#1101656) +- Added security-in-depth fixes: + * 8191239.patch + + S8191239: Improve desktop file usage + * 8193419.patch + + S8193419: Better Internet address support +- Added patches: + * 8038636.patch + + S8038636: speculative traps break when classes are redefined + * 8051972.patch + + S8051972: sun/security/pkcs11/ec/ReadCertificates.java fails + intermittently + * 8055008.patch + + S8055008: Clean up code that saves the previous versions of + redefined classes + + S8156137: SIGSEGV in ReceiverTypeData::clean_weak_klass_links + + S8057570: RedefineClasses() tests fail + assert(((Metadata*)obj)->is_valid()) failed: obj is valid + * 8074373.patch + + S8074373: NMT is not enabled if NMT option is specified after + class path specifiers + * 8076117.patch + + S8076117: EndEntityChecker should not process custom + extensions after PKIX validation + * 8157898.patch + + S8157898: SupportedDSAParamGen.java failed with timeout + * 8169201.patch + + S8169201: Montgomery multiply intrinsic should use correct + name + * 8170035.patch + + S8170035: When determining the ciphersuite lists, there is no + debug output for disabled suites. + * 8176183.patch + + S8176183: sun/security/mscapi/SignedObjectChain.java fails on + Windows + * 8187635.patch + + S8187635: On Windows Swing changes keyboard layout on a + window activation + * 8188223.patch + + S8188223: IfNode::range_check_trap_proj() should handler + dying subgraph with single if proj + * 8196224.patch + + S8196224: Even better Internet address support + * 8196491.patch + + S8196491: Newlines in JAXB string values of SOAP-requests are + escaped to " " + * 8196854.patch + + S8196854: TestFlushableGZIPOutputStream failing with + IndexOutOfBoundsException + * 8197943.patch + + S8197943: Unable to use JDWP API in JDK 8 to debug JDK 9 VM + * 8198794.patch + + S8198794: Hotspot crash on Cassandra 3.11.1 startup with + libnuma 2.0.3 + * 8199406.patch + + S8199406: Performance drop with Java JDK 1.8.0_162-b32 + * 8200359.patch + + S8200359: (tz) Upgrade time-zone data to tzdata2018d + * 8201433.patch + + S8201433: Fix potential crash in BufImg_SetupICM + * 8202585.patch + + S8202585: JDK 8u181 l10n resource file update + * 8202996.patch + + S8202996: Remove debug print statements from RMI fix + * 8203233.patch + + S8203233: (tz) Upgrade time-zone data to tzdata2018e + * 8203368.patch + + S8203368: ObjectInputStream filterCheck method throws + NullPointerException + * 8205491.patch + + S8205491: adjust reflective access checks + +------------------------------------------------------------------- +Fri Jun 1 12:14:41 UTC 2018 - fstrba@suse.com + +- Update to version jdk8u171 (icedtea 3.8.0) + * Security fixes + + S8180881: Better packaging of deserialization + + S8182362: Update CipherOutputStream Usage + + S8183032: Upgrade to LittleCMS 2.9 + + S8189123: More consistent classloading + + S8189969, CVE-2018-2790, bsc#1090023: Manifest better manifest + entries + + S8189977, CVE-2018-2795, bsc#1090025: Improve permission + portability + + S8189981, CVE-2018-2796, bsc#1090026: Improve queuing + portability + + S8189985, CVE-2018-2797, bsc#1090027: Improve tabular data + portability + + S8189989, CVE-2018-2798, bsc#1090028: Improve container + portability + + S8189993, CVE-2018-2799, bsc#1090029: Improve document + portability + + S8189997, CVE-2018-2794, bsc#1090024: Enhance keystore + mechanisms + + S8190478: Improved interface method selection + + S8190877: Better handling of abstract classes + + S8191696: Better mouse positioning + + S8192025, CVE-2018-2814, bsc#1090032: Less referential + references + + S8192030: Better MTSchema support + + S8192757, CVE-2018-2815, bsc#1090033: Improve stub classes + implementation + + S8193409: Improve AES supporting classes + + S8193414: Improvements in MethodType lookups + + S8193833, CVE-2018-2800, bsc#1090030: Better RMI connection + support + * New features + + PR3493: Run AES test to test intrinsics + * Import of OpenJDK 8 u162 build 12 + + S4354680: Runtime.runFinalization() silently clears + interrupted flag in the calling thread + + S6618335: ThreadReference.stop(null) throws NPE instead of + InvalidTypeException + + S6651256: jstack: DeleteGlobalRef method call doesn't lead to + descreasing of global refs count shown by jstack + + S6656031: SA: jmap -permstat number of classes is off by 1 + + S6977426: sun/tools tests can intermittently fail to find + app's Java pid + + S6988950: JDWP exit error JVMTI_ERROR_WRONG_PHASE(112) + + S7124271: [macosx] RealSync test failure + + S7162125: [macosx] A font has different behaviour for + ligatures depending on its creation mod + + S8023667: SA: ExceptionBlob and other C2 classes not + available in client VM + + S8031661: java/net/Authenticator/B4769350.java failed + intermittently + + S8046778: Better error messages when starting JMX agent via + attach or jcmd + + S8066185: VM crashed with SIGSEGV + VirtualMemoryTracker::add_reserved_region + + S8072428: Enable UseLoopCounter ergonomically if + on-stack-replacement is enabled + + S8073670: TypeF::eq and TypeD::eq do not handle NaNs correctly + + S8074812: More specific error message when the .java_pid + well-known file is not secure + + S8078269: JTabbedPane UI Property + TabbedPane.tabAreaBackground no longer works + + S8080504: [macosx] SunToolkit.realSync() may hang + + S8087291: InitialBootClassLoaderMetaspaceSize and + CompressedClassSpaceSize should be checked consistent from + MaxMetaspaceSize + + S8132374: AIX: fix value of os.version property + + S8134103: JVMTI_ERROR_WRONG_PHASE(112): on checking for an + interface + + S8139218: Dialog that opens and closes quickly changes focus + in original focusowner + + S8147002: [macosx] Arabic character cannot be rendered on + MacOS X + + S8148786: xml.tranform fails on x86-64 + + S8155197: Focus transition issue + + S8157896: TestDSAGenParameterSpec.java test fails with timeout + + S8158633: BASE64 encoded cert not correctly parsed with UTF-16 + + S8159432: [PIT][macosx] StackOverflow in + closed/java/awt/Dialog/DialogDeadlock/DialogDeadlockTest + + S8162530: src/jdk.management/share/native/libmanagement_ext/ + /GcInfoBuilder.c doesn't handle JNI exceptions properly + + S8164954: split_if creates empty phi and region nodes + + S8166742: SIGFPE in C2 Loop IV elimination + + S8169961: Memory leak after debugging session + + S8172751: OSR compilation at unreachable bci causes C1 crash + + S8175340: Possible invalid memory accesses due to + ciMethodData::bci_to_data() returning NULL + + S8177026: jvm.dll file version not updated since 8u72 + + S8177414: Missing key events on Mac Os + + S8177958: Possible uninitialized char* in + vm_version_solaris_sparc.cpp + + S8178047: Aliasing problem with raw memory accesses + + S8179086: java.time.temporal.ValueRange has poor hashCode() + + S8180370: Characters are skipped on input of Korean text on + OS X + + S8180855: Null pointer dereference in OopMapSet::all_do of + oopMap.cpp:394 + + S8181659: Create an alternative fix for JDK-8167102, whose + fix was backed out + + S8181786: Extra runLater causes impossible states to be + possible using javafx.embed.singleThread=true + + S8182402: Tooltip for Desktop button is in English when + non-English locale is set + + S8182996: Incorrect mapping Long type to JavaScript equivalent + + S8184009: Missing null pointer check in + InterpreterRuntime::update_mdp_for_ret() + + S8184271: Time related C1 intrinsics produce inconsistent + results when floating around + + S8184328: JDK 8u131 socketRead0 hang at SSL read + + S8184893: jdk8u152 b06 : issues with nashorn when running + kraken benchmarks + + S8185346: Relax RMI Registry Serial Filter to allow arrays of + any type + + S8187023: Cannot read pkcs11 config file in UTF-16 environment + + S8189918: Remove Trailing whitespace from file while syncing + 8u into 8u162-b03 + + S8190280: [macos] Font2DTest demo started failing for Arabic + range from JDK 8 u162 b01 on Mac + + S8190542: 8u162 L10n resource file update + + S8192794: 8u162 L10n resource file update md20 + * Import of OpenJDK 8 u171 build 11 + + S8054213: Class name repeated in output of Type.toString() + + S8068778: [TESTBUG] CompressedClassSpaceSizeInJmapHeap.java + fails if SA not available + + S8150530: Improve javax.crypto.BadPaddingException messages + + S8153955: increase java.util.logging.FileHandler MAX_LOCKS + limit + + S8169080: Improve documentation examples for crypto + applications + + S8175075: Add 3DES to the default disabled algorithm security + property + + S8179665: [Windows] java.awt.IllegalComponentStateException: + component must be showing on the screen to determine its + location + + S8186032: Disable XML Signatures signed with EC keys less + than 224 bits + + S8186441: Change of behavior in the getMessage () method of + the SOAPMessageContextImpl class + + S8187496: Possible memory leak in + java.apple.security.KeychainStore.addItemToKeychain + + S8189851: [TESTBUG] + runtime/RedefineTests/RedefineInterfaceCall.java fails + + S8191358: Restore TSA certificate expiration check + + S8191909: Nightly failures in nashorn suite + + S8192789: Avoid using AtomicReference in + sun.security.provider.PolicyFile + + S8194259: keytool error: java.io.IOException: Invalid secret + key format + + S8196952: Bad primeCertainty value setting in + DSAParameterGenerator + + S8197030: Perf regression on all platforms with 8u171-b03 - + early lambda use + + S8198494: 8u171 and 8u172 - Build failure on non-SE Linux + Platforms + + S8198662: Incompatible internal API change in JDK8u161: + signature of method exportObject() + + S8198963: Fix new rmi property name + + S8199001: [TESTBUG] RMIConnectionFilterTest.java test fails + in compilation + + S8199141: Windows: new warning messaging for JRE installer UI + in non-MOS cases + + S8200314: JDK 8u171 l10n resource file update - msg drop 40 + * Backports + + S8062808, PR3548: Turn on the -Wreturn-type warning + + S8141570, PR3548: Fix Zero interpreter build for + --disable-precompiled-headers + + S8143245, PR3548: Zero build requires disabled warnings + + S8165489, PR3589: Missing G1 barrier in + Unsafe_GetObjectVolatile + + S8171000, PR3542, RH1402819: Robot.createScreenCapture() + crashes in wayland mode + _ S8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26 + + S8185723, PR3553: Zero: segfaults on Power PC 32-bit + + S8186461, PR3557: Zero's atomic_copy64() should use SPE + instructions on linux-powerpcspe + + S8187577, PR3578: JVM crash during gc doing concurrent marking + + S8197429, PR3546, RH1536622: Increased stack guard causes + segfaults on x86-32 + + S8197546, PR3542: Fix for 8171000 breaks Solaris + Linux + builds + + S8197981, PR3548: Missing return statement in + __sync_val_compare_and_swap_8 + + S8200556, PR3566: AArch64: assertion failure in slowdebug + builds + + S8201509, PR3579: Zero: S390 31bit atomic_copy64 inline + assembler is wrong + * Bug fixes + + S8199936, PR3533: HotSpot generates code with unaligned + stack, crashes on SSE operations + + S8199936, PR3591: Fix for bug 3533 doesn't add -mstackrealign + to JDK code + + PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build + + PR3549: Desktop file doesn't reference versioned icon + + PR3550: Additional category used in jconsole.desktop.in is + incorrect + + PR3559: Use ldrexd for atomic reads on ARMv7. + + PR3575, RH1567204: System cacerts database handling should + not affect jssecacerts + + PR3592: Skip AES test on AArch64 due to VM crash + + PR3593: s390 needs to use '%z' format specifier for size_t + arguments as size_t != int + + PR3594: Patch for bug 3593 breaks Shenandoah build + + PR3597: Potential bogus -Wformat-overflow warning with + -Wformat enabled + * Shenandoah + + PR3573: Fix TCK crash with Shenandoah + + Remove oop cast in oopMap.cpp again, as oopDesc::operator== + has additional checking in Shenandoah. + + Fix new code for Shenandoah after the 8u171 merge + + Revert accidental OpSpinWait matching + + UseBiasedLocking should be disabled only for Shenandoah + * AArch32 port + + PR3548: Add missing return values for AArch32 port +- Removed patches: + * no-return-in-nonvoid-function.patch + * zero-atomic_copy64.patch + + fixed upstream + * java-1_8_0-openjdk-gcc6.patch + + not needed any more +- Modified patch: + * java-1_8_0-openjdk-suse-desktop-files.patch + + rediff to changed context + +------------------------------------------------------------------- +Thu Mar 29 06:28:28 UTC 2018 - fstrba@suse.com + +- Added patch: + * no-return-in-nonvoid-function.patch + + fix broken build with gcc8 (bsc#1087066) + +------------------------------------------------------------------- +Thu Mar 1 06:55:49 UTC 2018 - fstrba@suse.com + +- Update to vesion jdk8u161 (icedtea 3.7.0) - bsc#1076366 + * Security fixes + + S8160104: CORBA communication improvements + + S8172525, CVE-2018-2579: Improve key keying case + + S8174756: Extra validation for public keys + + S8174962, CVE-2018-2582: Better interface invocations + + S8175932: Improve host instance supports + + S8176458: Revise default document styling + + S8178449, CVE-2018-2588: Improve LDAP logins + + S8178458: Better use of certificates in LDAP + + S8178466: Better RSA parameters + + S8179536: Cleaner print job handling + + S8179990: Cleaner palette entry handling + + S8180011: Cleaner native graphics device handling + + S8180015: Cleaner AWT robot handling + + S8180020: Improve SymbolHashMap entry handling + + S8180433: Cleaner CLR invocation handling + + S8180877: More deeply colored ICC spaces + + S8181664: Improve JVM UTF String handling + + S8181670: Improve implementation of keystores + + S8182125, CVE-2018-2599: Improve reliability of DNS lookups + + S8182387, CVE-2018-2603: Improve PKCS usage + + S8182601, CVE-2018-2602: Improve usage messages + + S8185292, CVE-2018-2618: Stricter key generation + + S8185325, CVE-2018-2641: Improve GTK initialization + + S8186080: Transform XML interfaces + + S8186212, CVE-2018-2629: Improve GSS handling + + S8186600, CVE-2018-2634: Improve property negotiations + + S8186606, CVE-2018-2633: Improve LDAP lookup robustness + + S8186699: Clean up extra Derby files + + S8186867: Improve native glyph layouts + + S8186998, CVE-2018-2637: Improve JMX supportive features + + S8189284, CVE-2018-2663: More refactoring for deserialization + cases + + S8190289, CVE-2018-2677: More refactoring for client + deserialization cases + + S8191142, CVE-2018-2678: More refactoring for naming + deserialization cases + * Import of OpenJDK 8 u152 build 16 + + S4953367: MAWT: Java should be more careful manipulating + NLSPATH, XFILESEARCHPATH env variables + + S6772009: + java/util/concurrent/locks/ReentrantLock/CancelledLockLoops.java + test failed with 'Completed != 2' + + S6947916: JarURLConnection does not handle useCaches correctly + + S6980209: Make tracking SecondaryLoop.enter/exit methods + easier + + S7052625: com/sun/net/httpserver/bugs/6725892/Test.java fails + intermittently + + S7102702: + java/net/PortUnreachableException/OneExceptionOnly.java failing + + S7131356: (props) "No Java runtime present, requesting + install" when creating VM from JNI [macosx] + + S7172652: With JDK 1.7 text field does not obtain focus when + using mnemonic Alt/Key combin + + S8022291: Mac OS: Unexpected JavaLaunchHelper message + displaying + + S8022580: sun.net.ftp.impl.FtpClient.nameList(String path) + handles "null" incorrectly + + S8025306: Inet[4|6]Address class and fieldID initialization + in networking native code + + S8028363: XmlGregorianCalendarImpl.getTimeZone() bug when + offset is less than 10 minutes + + S8028725: [Parfait] warnings from b116 for + jdk.src.solaris.native.java.net: JNI pending exceptions + + S8028769: Check src/share/native/java/lang/*.c for cases when + JNI calls are used with pending warnings + + S8029018: (bf) Check src/share/native/java/nio/Bits.c for JNI + pending exceptions + + S8030116: (process) Check Parfait warnings in + src/solaris/native/java/lang/* + + S8031586: Check jdk/src/*/native/com/sun/security/auth/module + for pending JNI exceptions + + S8033371: jdk/src/solaris/native/java/lang/ProcessEnvironment.c + environ doesn't check for JNI pending exceptions + + S8033372: Check jdk/src/share/native/java/lang for JNI + pending exception issues + + S8034102: Check solaris/native/sun/nio/fs/MacOSXNativeDispatcher.c + for JNI pending exceptions + + S8034249: need more workarounds for suspend equivalent + condition issue + + S8035158: Remove dependency on sun.misc.RegexpPool and friends + + S8035568: [macosx] Cursor management unification + + S8035653: InetAddress.getLocalHost crash + + S8037346: Need to terminate server process if client runs + into problems + + S8037909: JNI warnings in + jdk/src/windows/native/java/nio/MappedByteBuffer.c + + S8038075: JNI warnings in + jdk/src/share/native/sun/misc/VMSupport.c + + S8038348: Instance field load is replaced by wrong data Phi + + S8039412: Stack overflow on Linux using + DialogTypeSelection.NATIVE + + S8040322: TextArea.replaceRange() and insert() are broken + with setText(null) + + S8040635: [macosx] Printing a shape filled with a texture + doesn't work under Mac OS X + + S8043913: remove legacy code in SPARC's + VM_Version::platform_features + + S8046768: com/sun/jndi/ldap/LdapTimeoutTest.java fails + intermittently + + S8046893: JNI exception pending in + jdk/src/solaris/native/java/net: ExtendedOptionsImpl.c, + PlainDatagramSocketImpl.c + + S8046901: Check jdk/src/solaris/native/sun/nio for Parfait + flagged uninitialized memory + + S8049717: expose L1_data_cache_line_size for + diagnostic/sanity checks + + S8050478: [macosx] Cursor not updating correctly after + closing a modal dialog + + S8054214: JapaneseEra.getDisplayName doesn't return names if + it's an additional era + + S8055204: Memory leak in + jdk/src/windows/native/java/lang/java_props_md.c + + S8058316: lookupDefaultPrintService returns null on Solaris 11 + + S8061258: [macosx] PrinterJob's native Print Dialog does not + reflect specified Copies or Page Ranges + + S8064470: JNI exception pending in + jdk/src/java/base/unix/native/libjava/FileDescriptor_md.c + + S8066250: compiler/dependencies/MonomorphicObjectCall/ + /TestMonomorphicObjectCall.java fails product + + S8067059: PrinterJob.pageDialog() with + DialogSelectionType.NATIVE returns a PageFormat when + cancelled. + + S8071424: JCK test api/java_net/Socket/descriptions.html#Bind + crashes on Windows + + S8075516: Deleting a file from either the open or save + java.awt.FileDialog hangs. + + S8076249: NPE in AccessBridge while editing JList model + + S8076554: [macosx] Custom Swing text components need to allow + standard accessibility + + S8080486: JNI exception pending in jdk/src/java.base/windows/ + /native/libnet/DualStackPlainSocketImpl.c + + S8081219: hs_err improvement: Add event logging for class + redefinition to the hs_err file + + S8087144: sun/security/krb5/auto/MaxRetries.java fails with + Retry count is -1 less + + S8087342: Crash in + klassItable::initialize_itable_for_interface + + S8089573: [macosx] Incorrect char to glyph mapping printing + on OSX 10.10 + + S8129361: ISO 4217 amendment 160 + + S8130041: TsacertOptionTest.java intermittently fails on Mac + + S8132209: DiagnosticCommandImpl.getNotificationInfo() may + expose internal representation + + S8132455: com/sun/jndi/ldap/LdapTimeoutTest.java fails at + handleNamingException + + S8134119: Use new API to get cache line sizes + + S8134389: Crash in HotSpot with jvm.dll+0x42b48 + ciObjectFactory::create_new_metadata + + S8134918: C2: Type speculation produces mismatched unsafe + accesses + + S8135124: com/sun/jndi/ldap/LdapTimeoutTest.java failed + intermittently + + S8136570: Stop changing user environment variables related to + /usr/dt + + S8139189: VK_OEM_102 dead key detected as VK_UNDEFINED + + S8140309: [REDO] failed: no mismatched stores, except on raw + memory: StoreB StoreI + + S8140525: AwtFrame::WmShowWindow() may steal focus + + S8141370: com/sun/jndi/ldap/LdapTimeoutTest.java failed + intermittently + + S8143897: Weblogic12medrec assert(handler_address == + SharedRuntime::compute_compiled_exc_handler(nm, pc, exception, + force_unwind, true)) failed: Must be the same + + S8145207: [macosx] JList, VO can't access non-visible list + items + + S8145732: Duplicate entry in http.nonProxyHosts will ignore + subsequent entries + + S8145952: ISO 4217 amendment 161 + + S8145981: (fs) LinuxWatchService can reports events against + wrong directory + + S8146961: Fix PermGen memory leaks caused by static final + Exceptions + + S8147772: Update KerberosTicket to describe behavior if it + has been destroyed and fix NullPointerExceptions + + S8149521: automatic discovery of LDAP servers with Kerberos + authentication + + S8149714: [parfait] char array lengths don't match in + awt_Font.cpp:1701 + + S8152000: Java FlightRecorder does not run on Java 8 compact + 3 profile since u65 + + S8152172: PPC64: Support AES intrinsics + + S8152730: File Leak in CompileBroker::init_compiler_thread_log + of compileBroker.cpp:1665. + + S8152981: Double icons with JMenuItem + setHorizontalTextPosition on Win 10 + + S8153134: Infinite loop in handle_wrong_method in jmod + + S8153176: ParOldGC: Use correct TaskQueueSet for + ParallelTaskTerminator in marking. + + S8153267: nmethod's exception cache not multi-thread safe + + S8153925: (fs) WatchService hangs on GetOverlappedResult and + locks directory (win) + + S8154945: Enable 8130150 and 8081778 intrinsics by default + + S8155691: Update GIFlib library to the latest up-to-date + + S8155781: C2: opaque unsafe access triggers an assert + + S8156116: [macosx] two JNI locals to delete in AWTWindow.m, + CGraphicsEnv.m + + S8156723: JVM crash at + sun.java2d.windows.GDIBlitLoops.nativeBlit + + S8157035: Use stronger algorithms and keys for JSSE testing + + S8157181: Compilers accept modification of final fields + outside initializer methods + + S8157184: java/lang/invoke/LFCaching/LFMultiThreadCachingTest.java + failed with a fatal error + + S8157548: JVM crashes sometimes while starting + + S8157665: ProblemList.txt needs to be updated as 7041639 + closed + + S8158325: [macosx] Memory leak in com.apple.laf.ScreenMenu + + S8158356: SIGSEGV when attempting to rotate BufferedImage + using AffineTransform by NaN degrees + + S8158639: C2 compilation fails with SIGSEGV + + S8159035: CTSMode.java test crashed due to unhandled case of + cipher length value as 0 + + S8159696: java.beans.MethodRef#get throws NullPointerException + + S8160024: jdb returns invalid argument count if first + parameter to Arrays.asList is null + + S8160119: Utils.tryFindJvmPid sometimes find incorrect pid + + S8160174: java.net.NetworkInterface - fixes and improvements + for network interface listing + + S8160370: System.getProperty("os.version") returns "Unknown" + on Mac + + S8160551: assert(c == Bytecodes::_putfield) failed: must be + putfield + + S8160570: [macosx] modal dialog can skip the activation/focus + events + + S8160623: [PIT] Exception running + java/awt/event/KeyEvent/KeyChar/KeyCharTest.java + + S8160664: JVM crashed with font manager on Solaris 12 + + S8160696: IllegalArgumentException: adding a component to a + container on a different GraphicsDevice + + S8160893: [macosx] JMenuItems in JPopupMenu are not accessible + + S8160913: [TEST_BUG] javax/management/security/SecurityTest.java + fails due to missing keyStore file + + S8160941: "text/uri-list" dataflavor concats the first two + strings + + S8161039: System.getProperty("os.version") returns incorrect + version number on Mac + + S8161664: Memory leak in com.apple.laf.AquaProgressBarUI + removed progress bar still referenced + + S8161733: [parfait] Memory leak in imageioJPEG.c:2803 + + S8161742: [parfait] Uninitialised memory in isXTestAvailable + of awt_Robot.c:65 + + S8161761: [parfait] 2 JNI exception pending defect groups in + GraphicsPrimitiveMgr.c + + S8162101: C2: Handle "wide" aliases for unsafe accesses + + S8162488: JDK should be updated to use LittleCMS 2.8 + + S8162496: missing precedence edge for anti_dependence + + S8162598: XSLTC transformer swallows empty namespace + declaration which is needed to undeclare default namespace + + S8162603: Unrecognized VM option 'UseCountedLoopSafepoints' + + S8162766: Unsafe_DefineClass0 accesses raw oops while in + _thread_in_native + + S8162795: [REDO] MemberNameTable doesn't purge stale entries + + S8162796: [macosx] LinearGradientPaint and + RadialGradientPaint are not printed on OS X. + + S8163104: Unexpected NPE still possible on some Kerberos + ticket calls + + S8163181: Further improvements for Unix NetworkInterface + native implementation + + S8163518: Integer overflow in StringBufferInputStream.read() + and CharArrayReader.read/skip() + + S8163877: Tests added in JDK-8163518 fail on some platforms + + S8163896: Finalizing one key of a KeyPair invalidates the + other key + + S8163945: Honor Number type hint in toPrimitive on Numbers + + S8163969: Cyclic interface initialization causes JVM crash + + S8163979: [macosx] Chinese text shows as Latin w/ openVanilla + input method + + S8164002: Add a new CPU family (S_family) for SPARC S7 and + above processors + + S8164119: MoveToOtherScreenTest fails due wrong key attribute + + S8164366: ZoneOffset.ofHoursMinutesSeconds() does not reject + invalid input + + S8164501: Uninitialised memory in byteArrayToPacket of + SharedMemoryConnection.c + + S8164508: unexpected profiling mismatch in c1 generated code + + S8164784: ISO 4217 amendment 162 + + S8164846: CertificateException missing cause of underlying + exception + + S8165153: Crash in rebuild_cpu_to_node_map + + S8165243: Base64.Encoder.wrap(os).write(byte[],int,int) with + incorrect arguments should not produce output + + S8165320: Small flaw when integrating 8160174 to JDK8 + + S8165428: Security Warning dialog should be always on the top + when multiple applets with APPLICATION_MODAL dialog launched + in a browser + + S8165482: java in ldoms, with cpu-arch=generic has problems + + S8165717: [macosx] Various memory leaks in jdk9 + + S8165751: NPE hit with java.security.debug=provider + + S8165829: Android Studio 2.x crashes with NPE at + sun.lwawt.macosx.CAccessibility.getAccessibleIndexInParent + + S8165988: Test JarURLConnectionUseCaches.java fails at + windows: failed to clean up files after test + + S8166248: tools/pack200/Pack200Test.java fails on Win32: + Could not reserve enough space + + S8166507: ConcurrentSkipListSet.clear() can leave the Set in + an invalid state + + S8166747: Add invalid network / computer name cases to + isReachable known failure switch + + S8166799: ASSEMBLY_EXCEPTION contains historical company name + + S8166840: Synthetic bridge constructor in ArrayList$Itr + blocks inlining + + S8166872: GPL header in + /hotspot/src/share/vm/gc_implementation/g1/g1RemSetSummary.cpp + + S8166902: Nested object literal property maps not reset in + optimistic recompilation + + S8167102: [macosx] PrintRequestAttributeSet breaks page size + set using PageFormat + + S8168115: Remove and retag jdk8u122-b03 in 8u repo + + S8168364: [macosx] Delete unused class NSPrintinfo + + S8168373: don't emit conversions for symbols outside their + lexical scope + + S8168405: Pending exceptions in java.base/windows/native + + S8168751: Two "Direct Clip" threads are created to play the + same "AudioClip" object, what makes clip sound corrupted + + S8168914: Crash in ClassLoaderData/JNIHandleBlock::oops_do + during concurrent marking + + S8169056: StringIndexOutOfBoundsException in Pattern.compile + with CANON_EQ flag + + S8169112: java.lang.VerifyError: (class: GregorSamsa, method: + template-bash signature: (LGregorSamsa8;)V) Register 10 + contains wrong type + + S8169229: RSAClientKeyExchange debug info is incorrect + + S8169355: Diacritics input works incorrectly on Windows if + Spanish (Latin American) keyboard layout is used + + S8169481: StackOverflowError on start when parsing PAC file + to autodetect Proxy settings + + S8169556: Wrapping of FileInputStream's native skip and + available methods + + S8169865: Downport minor fixes in java.net native code from + JDK 9 to JDK 8 + + S8170153: PPC64/s390x/aarch64: Poor StrictMath performance + due to non-optimized compilation + + S8170278: ticket renewal won't happen with debugging turned on + + S8170409: CMS: Crash in + CardTableModRefBSForCTRS::process_chunk_boundaries + + S8170465: JNI exception pending in jni_util.c:190 + + S8170466: JNI exception pending in jni_util.c:190 + + S8170536: Uninitialised memory in set_uintx_flag of + attachListener.cpp + + S8170552: [macosx] Wrong rendering of diacritics on macOS + + S8170565: JSObject call() is passed undefined for the + argument 'thiz' + + S8170578: CUPS Printing is broken with Ubuntu 16.10 (CUPS 2.2) + + S8170594: >>>=0 generates invalid bytecode for BaseNode LHS + + S8170913: Java "1.8.0_112" on Windows 10 displays different + characters for EUDCs from ones created in eudcedit.exe. + + S8170950: Text is displayed in bold when fonts are installed + into symlinked folder + + S8170977: SparseArrayData should not grow its underlying + dense array data + + S8171151: JDK8u ProblemList.txt Updates + + S8171155: Scanning method file for initialized final field + updates can fail for non-existent fields + + S8171194: Exception "Duplicate field name&signature in class + file" should report the name and signature of the field + + S8171219: Missing checks in sparse array shift() + implementation + + S8171808: Performance problems in dialogs with large tables + when JAB activated + + S8171849: Collection and Queue conversions not prioritized + for Arrays + + S8171909: [PIT] on Windows, failure of + java/awt/Dialog/DialogAboveFrame/DialogAboveFrameTest.java + + S8171952: [macosx] AWT_Modality/Automated/ModalExclusion/ + /NoExclusion/ModelessDialog test fails as DummyButton on + Dialog did not gain focus when clicked. + + S8172053: (ppc64) Downport of 8170153 breaks build on + linux/ppc64 (big endian) + + S8172145: C2: anti dependence missed because store hidden by + membar + + S8173373: C1: NPE is thrown instead of LinkageError when + accessing inaccessible field on NULL receiver + + S8173423: Wrong display name for supplemental Japanese era + + S8173581: performance regression in + com/sun/crypto/provider/OutputFeedback.java + + S8173654: Regression since 8u60: System.getenv doesn't return + env var set in JNI code + + S8173664: Typo in + https://java.net/downloads/heap-snapshot/hprof-binary-format.html + + S8173853: IllegalArgumentException in + java.awt.image.ReplicateScaleFilter + + S8173876: Fast precise scrolling and DeltaAccumulator fix for + macOS Sierra 10.12.2 + + S8174736: [JCP] [Mac]Cannot launch JCP on Mac os with + language set to "Chinese, Simplified" while region is not China + + S8174779: Locale issues with Mac 10.12 + + S8175025: The copyright section in the test/java/awt/font/ + /TextLayout/DiacriticsDrawingTest.java should be updated + + S8175131: sun.rmi.transport.tcp.TCPChannel.createConnection + close connection on timeout + + S8175345: Reported null pointer dereference defect groups + + S8175915: NullPointerException from JComboBox and JList when + Accessibility enabled + + S8176287: [macosx] The print test crashed with Nimbus L&F + + S8176490: [macosx] Sometimes NSWindow.isZoomed hangs + + S8176511: JSObject property access is broken for numeric keys + outside the int range + + S8176530: JDK support for JavaFX modal print dialogs + + S8177095: Range check dependent CastII/ConvI2L is prematurely + eliminated + + S8177450: javax.swing.text.html.parser.Parser parseScript + ignores a character after commend end + + S8177678: Overstatement of universality of + Era.getDisplayName() implementation + + S8177776: Create an equivalent test case for JDK9's + SupplementalJapaneseEraTest + + S8177817: Remove assertions in 8u that were removed by + 8056124 in 9. + + S8179515: Class java.util.concurrent.ThreadLocalRandom fails + to Initialize when using SecurityManager + + S8180511: Null pointer dereference in Matcher::ReduceInst() + + S8180565: Null pointer dereferences of ConstMethod::method() + + S8180575: Null pointer dereference in LoadNode::Identity() + + S8180576: Null pointer dereference in Matcher::xform() + + S8180617: Null pointer dereference in + InitializeNode::complete_stores + + S8180660: missing LNT entry for finally block + + S8180813: Null pointer dereference of CodeCache::find_blob() + result + + S8180934: PutfieldError failed with + UnsupportedClassVersionError + + S8180949: Correctly handle exception in + TCPChannel.createConnection + + S8181191: getUint32 returning Long + + S8181192: [macos] javafx.print.PrinterJob.showPrintDialog() + hangs on macOS + + S8181205: JRE fails to load/register security providers when + started from UNC pathname + + S8181500: [TESTBUG] com/sun/jdi/LineNumberInfo.java fails + with jArrayIndexOutOfBoundsException + + S8182672: Java 8u121 on Linux intermittently returns null for + MAC address + + S8185779: 8u152 L10n resource file update + + S8186532: 8u152 L10n resource file update md20 + * Import of OpenJDK 8 u161 build 12 + + S8035105: DNS provider cleanups + + S8137255: sun/security/provider/NSASuiteB/ + /TestDSAGenParameterSpec.java timeouts intermittently + + S8140436: Negotiated Finite Field Diffie-Hellman Ephemeral + Parameters for TLS + + S8148108: Disable Diffie-Hellman keys less than 1024 bits + + S8148421, PR3504: Transport Layer Security (TLS) Session Hash + and Extended Master Secret Extension + + S8154344: sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java + fails on solaris + + S8156502: Use short name of + SupportedEllipticCurvesExtension.java + + S8158116: com/sun/crypto/provider/KeyAgreement/ + /SupportedDHParamGens.java failed with timeout + + S8159240: XSOM parser incorrectly processes type names with + whitespaces + + S8159377: JMX Connections need white-list filters + + S8161598: Kitchensink fails: assert(nm->insts_contains(original_pc)) + failed: original PC must be in nmethod/CompiledMethod + + S8163237: Restrict the use of EXPORT cipher suites + + S8166362: [TEST_BUG] test sun/net/www/http/HttpClient/B8025710.java + failing with cert error in 8u121 b01 + + S8169944: sun/security/tools tests fail with CompilationError + + S8170157: Enable unlimited cryptographic policy by default in + OracleJDK + + S8170245: [TEST_BUG] Cipher tests fail when running with + unlimited policy + + S8170911: 8170823 changes in 8u131 causing signature-test + failure in jck runtime8b suite + + S8171262: Stability fixes for lcms + + S8172297: In java 8, the marshalling with JAX-WS does not + escape carriage return + + S8173631: Backout three hotspot fixes from 8u121-bpr repo + + S8176536: Improved algorithm constraints checking + + S8177144: [TEST BUG] sun/net/www/http/HttpClient/B8025710.java + should run in ovm mode + + S8177750: Forgot TestSocketFactory testcase in 8163958 + changeset + + S8178536: OOM ERRORS + SERVICE-THREAD TAKES A PROCESSOR TO + 100% + + S8178728: Check the AlgorithmParameters in algorithm + constraints + + S8179223: Integrate 8176490 into 8u131-bpr repo + + S8181439: Test the jdk.tls.namedGroups System Property + + S8181975: Run sun/security/pkcs11 tests on Mac + + S8182614: Backout JDK-8140436 from 8u161 + + S8183939: Import JDK-8182672 into 8u141-bpr repo + + S8184016: Text in native popup is not always updated with + Sogou IME + + S8185572: Enable AssumeMP by default on SPARC machines + + S8185628: Backport jdk/test/lib/testlibrary/CompilerUtils.java + to jdk8u which is helpful in test development + + S8185719: rmi TestSocketFactory does not flush + + S8185909: Disable JARs signed with DSA keys less than 1024 + bits + + S8186539: [testlibrary] TestSocketFactory should allow + triggers before match/replace + + S8187482: Backout JDK-8159377 + + S8187556: Backout of a fix reintroduced a dependency that had + since been removed + + S8188880: A JAXB JCK test failure found after 8186080 + + S8190258, PR3499: (tz) Support tzdata2017c + + S8190259, PR3499: test tck.java.time.zone.TCKZoneRules is + broken by tzdata2017c + + S8190266: closed/java/awt/ComponentOrientation/WindowTest.java + throws java.util.MissingResourceException. + + S8190449: sun/security/pkcs11/KeyPairGenerator/TestDH2048.java + fails on Solaris x64 5.10 + + S8190497: DHParameterSpec.getL() returns zero after + JDK-8072452 + + S8190541: 8u161 L10n resource file update + + S8190789: sun/security/provider/certpath/LDAPCertStore/ + TestURICertStoreParameters.java fails after JDK-8186606 + + S8191137, PR3503: keytool fails to format resource strings + for keys for some languages after JDK-8171319 + + S8191340: 8ux linux builds failing - com.sun.org.apache.xalan. + internal.xsltc.trax.TransformerFactoryImpl (unknown type) + + S8191352: Remove 8u161-b07 and 8u162-b07 tag to include + 8191340 for b07 + + S8191907: PPC64 part of JDK-8174962: Better interface + invocations + + S8192793: 8u161 L10n resource file update md20 + + S8193683: Increase the number of clones in the CloneableDigest + * Backports + + S8165996, PR3506: PKCS11 using NSS throws an error regarding + secmod.db when NSS uses sqlite + + S8170523, PR3506: Some PKCS11 test cases are ignored with + security manager + + S8187667, PR3517: Disable deprecation warning for readdir_r + + S8189789, PR3530: tomcat gzip-compressed response bodies + appear to be broken in update 151 + + S8194739, PR3520: Zero port of 8174962: Better interface + invocations + + S8194828, PR3520: Fix for 8194739: Zero port of 8174962: + Better interface invocations + + S8195837, PR3522: (tz) Upgrade time-zone data to tzdata2018c + + S8196516, PR3523: [REDO] [linux] libfontmanager should be + linked against headless awt library + + S8196978, PR3517: JDK-8187667 fails on GCC 4.4.7 as found on + RHEL 6 + * Bug fixes + + PR3489: Incomplete reading of directory containing tzdb.dat + + PR3501: Revert 8165320 so as not to revert the work of + 8034174 (PR2290) + + PR3526: configure fails to parse GCC version + * AArch64 port + + S8164113, PR3519: AArch64: follow-up the fix for 8161598 + + S8193133, PR3519: Assertion failure because 0xDEADDEAD can be + in-heap + + S8194686, PR3519: AArch64 port of 8174962: Better interface + invocations + + S8195859, PR3519: AArch64: vtableStubs gtest fails after + 8174962 + + S8196136, PR3519: AArch64: Correct register use in patch for + JDK-8194686 + + S8196221, PR3519: AArch64: Mistake in committed patch for + JDK-8195859 + + PR3519: Fix functions with missing return value. + + PR3519: Fix further functions with a missing return value. + * AArch32 port + + S8140584: [aarch32] nmethod::oops_do_marking_epilogue always + runs verification code + + S8174962: [aarch32] Better interface invocations + * Shenandoah + + Fix post-CPU merge Shenandoah regressions +- Removed patch: + * tzdb_dat.patch + + integrated upstream +- Added patch: + * aarch64.patch + + fix aarch64 build + +------------------------------------------------------------------- +Mon Jan 29 09:44:55 UTC 2018 - fstrba@suse.com + +- Fix build with gcc 7.3 + * add -fno-delete-null-pointer-checks -fno-lifetime-dse and + -std=gnu++98 + +------------------------------------------------------------------- +Fri Nov 3 11:36:40 UTC 2017 - fstrba@suse.com + +- Added patch: + * tzdb_dat.patch + + Patch also the other place in jdk that loads the tzdb.dat + file + +------------------------------------------------------------------- +Thu Nov 2 06:30:45 UTC 2017 - fstrba@suse.com + +- Update to version jdk8u151 (icedtea 3.6.0) + * Security fixes + + S8165543: Better window framing + + S8169026, CVE-2017-10274: Handle smartcard clean up better + (bsc#1064071) + + S8169966: Larger AWT menus + + S8170218: Improved Font Metrics + + S8171252: Improve exception checking + + S8171261: Stability fixes for lcms + + S8174109, CVE-2017-10281: Better queuing priorities + (bsc#1064072) + + S8174966, CVE-2017-10285: Unreferenced references + (bsc#1064073) + + S8175940: More certificate subject checking + + S8176751, CVE-2017-10295: Better URL connections (bsc#1064075) + + S8178794, CVE-2017-10388: Correct Kerberos ticket grants + (bsc#1064086) + + S8180024: Improve construction of objects during + deserialization + + S8180711, CVE-2017-10346: Better invokespecial checks + (bsc#1064078) + + S8181100, CVE-2017-10350: Better Base Exceptions (bsc#1064082) + + S8181323, CVE-2017-10347: Better timezone processing + (bsc#1064079) + + S8181327, CVE-2017-10349: Better X processing (bsc#1064081) + + S8181370, CVE-2017-10345: Better keystore handling + (bsc#1064077) + + S8181432, CVE-2017-10348: Better processing of unresolved + permissions (bsc#1064080) + + S8181597, CVE-2017-10357: Process Proxy presentation + (bsc#1064085) + + S8181612, CVE-2017-10355: More stable connection processing + (bsc#1064083) + + S8181692, CVE-2017-10356: Update storage implementations + (bsc#1064084) + + S8183028, CVE-2016-10165: Improve CMS header processing + (bsc#1064069) + + S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, + CVE-2016-9843: Upgrade compression library (bsc#1064070) + * New features + + PR3469: Alternative path to tzdb.dat + + PR3483: Separate addition of nss.cfg and tz.properties into + separate targets + + PR3484: Move SystemTap support to its own target + + PR3485: Support additional targets for the bootstrap build + * Import of OpenJDK 8 u151 build 12 + + S8029659: Keytool, print key algorithm of certificate or key + entry + + S8057810: New defaults for DSA keys in jarsigner and keytool + + S8075484, PR3473, RH1490713: SocketInputStream.socketRead0 + can hang even with soTimeout set + + S8077670: sun/security/krb5/auto/MaxRetries.java may fail + with BindException + + S8087144: sun/security/krb5/auto/MaxRetries.java fails with + Retry count is -1 less + + S8153146: sun/security/krb5/auto/MaxRetries.java failed with + timeout + + S8157561: Ship the unlimited policy files in JDK Updates + + S8158517: Minor optimizations to ISO10126PADDING + + S8171319: keytool should print out warnings when reading or + generating cert/cert req using weak algorithms + + S8177569: keytool should not warn if signature algorithm + used in cacerts is weak + + S8177837: need to upgrade install tools + + S8178714: PKIX validator nameConstraints check failing after + change 8175940 + + S8179423: 2 security tests started failing for + JDK 1.6.0 u161 b05 + + S8179564: Missing @bug for tests added with JDK-8165367 + + S8181048: Refactor existing providers to refer to the same + constants for default values for key length + + S8182879: Add warnings to keytool when using JKS and JCEKS + + S8184937: LCMS error 13: Couldn't link the profiles + + S8185039: Incorrect GPL header causes RE script to miss swap + to commercial header for licensee source bundle + + S8185040: Incorrect GPL header causes RE script to miss swap + to commercial header for licensee source bundle + + S8185778: 8u151 L10n resource file update + + S8185845: Add SecurityTools.java test library + + S8186503: sun/security/tools/jarsigner/DefaultSigalg.java + failed after backport to JDK 6/7/8 + + S8186533: 8u151 L10n resource file update md20 + + S8186674: Remove JDK-8174109 from CPU Aug 21 week builds + * Backports + + S8035496, PR3487: G1 ARM: missing remset entry noticed by + VerifyAfterGC for vm/gc/concurrent/lp50yp10rp70mr30st0 + + S8146086, PR3439, RH1478402: Publishing two webservices on + same port fails with "java.net.BindException: Address already + in use" + + S8184673, PR3475, RH1487266: Fix compatibility issue in + AlgorithmChecker for 3rd party JCE providers + + S8185164, PR3438: GetOwnedMonitorInfo() returns incorrect + owned monitor + + S8187822, PR3478, RH1494230: C2 conditonal move optimization + might create broken graph + * Bug fixes + + PR3479, RH1486025: ECC and NSS JVM crash + + PR3486: Path to jvm.cfg is wrong in add-systemtap-boot + + S8165852, PR3468: (fs) Mount point not found for a file + which is present in overlayfs + + S8188030, PR3459, RH1484079: AWT java apps fail to start + when some minimal fonts are present + * PPC port + + S8145913, PR3466, RH1498309: PPC64: add Montgomery multiply + intrinsic + + S8168318, PR3466, RH1498320: PPC64: Use cmpldi instead of + li/cmpld + + S8170328, PR3466, RH1498321: PPC64: Use andis instead of + lis/and + + S8181810, PR3466, RH1498319: PPC64: Leverage extrdi for + bitfield extract + * AArch64 port + + S8161190, PR3488: AArch64: Fix overflow in immediate cmp + instruction + + S8187224, PR3488: aarch64: some inconsistency between + aarch64_ad.m4 and aarch64.ad + * SystemTap + + PR3467, RH1492139: Hotspot object_alloc tapset uses + HeapWordSize incorrectly + * Shenandoah + + Add missing UseShenandoahGC checks to C2 + + [backport] Add JVMTI notifications to Shenandoah GC pauses. + + [backport] After Evac verification should run consistently + + [backport] All definitions should start with Shenandoah* + + [backport] Allocation latency tracing + + [backport] Allow allocations in pinned regions + + [backport] Assorted monitoring support fixes + + [backport] Avoid Full STW GC on System.gc() + related fixes + + [backport] BrooksPointer tracing overwhelms -Xlog:gc=trace + + [backport] Cannot do more than 1000 Full GCs + + [backport] Cap heap size for TestRegionSizeArgs test + + [backport] Cleanup "dirty" mentions + + [backport] Cleanup unused methods and statements + Trivial + cleanup: removed unused field, etc. + + [backport] Common pause marker to capture everything + before/after pause + + [backport] Consistent print_on and tty handling + + [backport] "continuous" heuristics + + [backport] Disable biased locking by default + + [backport] Fix build error: avoid loops with empty bodies + + [backport] Fix build error: switches over enums should take + all enums + + [backport] Fix build error: verifier liveness should not be + implicitly casted to size_t + + [backport] Fixed assertion failures when printing heap + region to trace output + + [backport] Fixed C calling convention of shenandoah_wb() on + Windows + + [backport] LotsOfCycles test always degrades to Full GC + + [backport] Made ShenandoahPrinter debug only + + [backport] Make sure different Verifier levels work + + [backport] Make sure we have at least one memory pool per + memory manager (JMX) + JMX double-counts heap used size + + [backport] Mark heuristics diagnostic/experimental + + [backport] Move Verifier "start" message under (gc,start) + + [backport] On-demand commit as heap resizing strategy + + [backport] Periodic GC + + [backport] PhiNode::has_only_data_users() needs to apply to + shenandoah barrier only + + [backport] Pinning humongous regions should be allowed + + [backport] Reclaimed humongous regions should count towards + immediate garbage + + [backport] Refactor region flags into finite state machine + + [backport] Refactor ShConcThread dispatch + + [backport] Refactor ShenandoahFreeSet + Fast-forward over + humongous regions to keep "current" non-humongous + + [backport] Refactor ShenandoahHeapLock + + [backport] Refactor ShenandoahHeapRegionSet + + [backport] Region (byte|word) shifts as the replacement for + divisions + + [backport] Rehash -XX:-UseTLAB in tests + Rehash allocation + tests + + [backport] Rename inline guards + + [backport] Selectable humongous threshold + Humongous top() + should be correct for iteration + + [backport] Shortcut concurrent cycle when enough immediate + garbage is reclaimed + + [backport] Templatize and improve inlining of arraycopy and + clone barriers. + + [backport] TestRegionSampling test + + [backport] TestSmallHeap test for Shenandoah + + [backport] Uncommit heap regions after given delay + + [backport] Underflow in adaptive free_threshold calculation + + [backport] Unlock more GC-specific tests for Shenandoah + + [backport] Update counters on slow-path more rarely + + [backport] Verifier should avoid pushing on stack when + walking objects past TAMS + + [backport] Verifier should walk cset and humongous regions + + [backport] Verify humongous regions liveness + + [backport] Verify liveness data + + Correct way to fix Windows call convention issue + + Fix build error in release config. + + Fixed Fixed message logging + + Handle Java heap initialization and expansion failures + + Make sure -verbose:gc, PrintGC, PrintGCDetails work + consistently + + Missing barriers on constant oops + acmp rework + cas fix + + write barrier on constant oop fix + + Missing UseShenandoahGC check in + LibraryCallKit::inline_multiplyToLen() + + Missing UseShenandoahGC check to C2 + + OOME in SurrogateLockerThread deadlocks the GC cycle + + Properly unlock ShenandoahVerify + + Remove unused memory_for, fixing the build + + Remove useless code following acmp rework + + Revert accidental G1 closure rename + + Test bug: test library and flags in TestHeapAlloc + + UnlockDiagnosticVMOptions flag is needed for ShenandoahVerify + + Write barrier pin and expand cleanup +- Removed patches: + * alternative-tzdb_dat.patch + * java-1_8_0-openjdk-linuxfilestore.patch + + Integrated upstream + +------------------------------------------------------------------- +Sun Oct 8 12:44:35 UTC 2017 - fstrba@suse.com + +- Enable improved font rendering on systems where it applies + +------------------------------------------------------------------- +Mon Oct 2 07:40:41 UTC 2017 - fstrba@suse.com + +- Change the requirement of tzdata-java8 to Recommends, since it is + not strictly needed. + +------------------------------------------------------------------- +Thu Sep 28 16:40:43 UTC 2017 - fstrba@suse.com + +- Added patch: + * alternative-tzdb_dat.patch + + Allow specifying alternative path where to find the tzdb.dat + file. With fallback to $JAVA_HOME/jre/lib/tzdb.dat +- Don't symlink tzdb.dat in postinstall + +------------------------------------------------------------------- +Thu Sep 21 22:43:35 UTC 2017 - fstrba@suse.com + +- Update the provided jdbc-stdext version to 4.2 + +------------------------------------------------------------------- +Thu Sep 21 11:41:46 UTC 2017 - fstrba@suse.com + +- Allow bootstrapping by itself (BuildConflicts: java-devel >= 1.9) + +------------------------------------------------------------------- +Sat Sep 16 07:29:20 UTC 2017 - fstrba@suse.com + +- Make the requirements for mozilla-nss requires_ge instead of + requires_eq + +------------------------------------------------------------------- +Fri Sep 15 15:55:30 UTC 2017 - fstrba@suse.com + +- Don't require java-bootstrap-devel, build with the non-bootstrap + java. + +------------------------------------------------------------------- +Thu Aug 31 14:31:46 UTC 2017 - fstrba@suse.com + +- Added patch: + * zero-atomic_copy64.patch + - Fix wrong assembly for ppc and (maybe for) s390 + +------------------------------------------------------------------- +Wed Aug 23 09:54:09 UTC 2017 - fstrba@suse.com + +- Added patch: + * java-1_8_0-openjdk-linuxfilestore.patch + - Fix bsc#1032647, bsc#1052009 with btrfs subvolumes and + overlayfs + +------------------------------------------------------------------- +Mon Jul 31 17:24:05 UTC 2017 - fstrba@suse.com + +- Update to version jdk8u144 (icedtea 3.5.1) + * Import of OpenJDK 8 u144 build 01 + - S8184993: Jar file verification failing with + SecurityException: digest missing xxx + * Shenandoah + - Amend "ArrayCopy verification code fix" with 8u-specific node + hierarchy test + - Amend "Refactor asm acmp" with a few missing changes + - [backport] aarch64 store check fix + - [backport] Account "shared" out-of-LAB allocations separately + - [backport] Adaptive should not be scared of user-requested + System.gc() + - [backport] Added assertion for page alignment of heap's base + address + - [backport] Add "verify jcstress" acceptance test + - [backport] "Allocation failure" cause should not be + overwritten + - [backport] ArrayCopy verification code fix + - [backport] Assorted cleanups + - [backport] "Before Full GC" verification is too strong for + OOME-during-evac + - [backport] C1 stores constants without read barriers + - [backport] Cleanup AArch64 code + - [backport] Cleanup class unloading and string intern code + - [backport] Cleanup duplicated Shenandoah task queue + declarations + - [backport] Cleanups + - [backport] Cleanup ShenandoahBarrierSet::write_barrier + - [backport] Cleanup ShenandoahHeap::do_evacuation + - [backport] Clean up unused fields and methods + - [backport] Cleanup: update-refs check in_collection_set twice + - [backport] Code cache roots styles + - [backport] Concurrent code cache evacuation + bugfixes + - [backport] Concurrent preclean + Fix weakref precleaning + - [backport] Correct prefetch offset for marked object + iteration + - [backport] Deferred region cleanup. + - [backport] Dense ShenandoahHeapRegion printout + - [backport] Detailed ParallelCleanupTask statistics + Split + out Full GC stats for parallel cleaning + - [backport] Disable aggressive+verification test configs + (jtreg eats up last configuration) + - [backport] Do not abandon RP discovery on conc GC cancel, + do that only before Full GC + - [backport] Eliminating _num_regions variable in + ShenandoahHeap + - [backport] Ensure collection set and cset map are consistent + - [backport] Fallback to shared allocation if GCLAB is not + available + - [backport] Fast synchronizer root scanning + - [backport] "F: Code Cache Roots" is missing from gc+stats + - [backport] Fix DerivedPointerTable handling when scanning + roots twice in init-evac phase + - [backport] Fixed a few of early returns that calling + register_gc_end() + - [backport] Fix live data accounting for humongous region + - [backport] Fix memory Phis with only data uses + - [backport] Fix recycled regions zapping + - [backport] Fix up pointer volatility + - [backport] Generic verification should not trust bitmaps + - [backport] Heap/matrix verification for all reachable objects + - [backport] Heap memory usage counting not longer needs to be + atomic + - [backport] Heap region recycling should call explicit clear() + and request zapping + - [backport] Heap region verification + - [backport] Implementation of interpreter matrix barrier on + aarch64 + - [backport] Implement early update references phase. + - [backport] implicit null checks broken on aarch64 + - [backport] Increase timeout for EvilSyncBug test + - [backport] Lazy parallel code cache iterator + - [backport] Make statistics gathering span more operations + - [backport] Make sure atomic operations are done on + "volatile" fields + - [backport] Make sure new_active_workers is used + - [backport] Make {T,GC}LAB statistics unconditional + - [backport] Mark-compact and heuristics should consistently + process refs and unload classes + - [backport] minor fix to optimization of java mirror + comparison + - [backport] more barrier on constant oop fixes + couple small + unrelated fixes + - [backport] More collection set and matrix cleanup + - [backport] Nit: mark-compact phase 3 (Adjust Pointers) should + announce itself as "Phase 3" + - [backport] Optimize heap region size checks + - [backport] Optimize heap verification + - [backport] Out-of-TLAB evacuation should overwrite stale + copies + - [backport] Parallel code cache scanning + - [backport] Parallel verification + - [backport] Print correct message about gross times in stats + - [backport] Print heap changes in phases that actually change + heap occupancy + - [backport] Print more detailed final UR stats + - [backport] Print more details for weak ref and class + unloading stats + - [backport] Properly react on -ClassUnloading + - [backport] Purge ealier version of redefined classes during + class unloading + - [backport] Purge ratio, global, connections heuristics. + - [backport] Purge shenandoahHumongous.hpp + - [backport] Purge ShenandoahVerify(Reads|Writes)ToFromSpace. + - [backport] Reduce region retirement during tlab allocation + - [backport] Refactor asm acmp (x86, aarch64, renames) + - [backport] Refactor BrooksPointer asserts + - [backport] Refactor heap verification + - [backport] Reference processing deadlocks with + -ParallelRefProcEnabled + - [backport] Reference processors might use non-forwarded alive + checks + - [backport] Region sampling may not be enabled because last + timetick is uninitialized + - [backport] Rehash ShenandoahHeap section in hs_err + - [backport] Reinstate "Purge" block in final-mark stats + - [backport] Relax assert to not fire at safepoint + - [backport] Remove heap printing routines from ShenandoahHeap + - [backport] Remove obsolete compile_resolve_oop_runtime() + methods + - [backport] Rename final mark operations + - [backport] Rename ShenandoahBarriersForConst + - [backport] Replace ShHeapRegionSet::get with get_fast + - [backport] Report correct total garbage data. Print out + garbage and cset data with -Xlog:gc+ergo + - [backport] Report oops and fwdptrs verification failures + fully + - [backport] Result of write barrier on constant not used + - [backport] Separate Full GC root operations in GC stats + - [backport] ShenandoahCollectionSet refactor + - [backport] ShenandoahGCSession used wrong timer for full GC + - [backport] ShenandoahHeap::evacuate_object() with boolean + result flag. + - [backport] Shenandoah options should be uintx + - [backport] shenandoah_wb should fallback to slow path with + -UseTLAB + Fix aarch64 compilation error due to + shenandoah_wb change + - [backport] ShenandoahWriteBarrierNode::memory_dominates_all_paths() + assert failure when compiling methods using unsafe + - [backport] Shortcut reference processing when no work is + available + - [backport] Simplify parallel synchronizer roots iterator + - [backport] Skip RESOLVE when references update is not needed + - [backport] Stats should attribute "Resize TLABs" properly, + and mention "Pause" for init/final mark + - [backport] Stats should not record past-shutdown events + - [backport] "String/Symbol/CodeCache" -> "Str/Sym, Code Cache" + - [backport] Tests should use all heuristics and pass heap + verification + Disable aggressive+verification test configs + - [backport] Total pauses should include final-mark pauses + - [backport] Trim down native GC footprint + - [backport] Update region sampling to include TLAB/GCLAB + allocation data + - [backport] Update roots should always handle derived pointers + - [backport] Update ShenandoahHeapSampling to avoid double + counting. + - [backport] Update statistics to capture thread data + accurately + - [backport] Use CollectedHeap::base() instead of + ShenandoahHeap::first_region_bottom() + - [backport] Use lock version heap region memory allocator + - [backport] Use scoped object for gc session/phases recording + - [backport] Variable steps in adaptive heuristics + - [backport] Verification error log is truncated + - [backport] Verification levels + - [backport] Verification should assert complete bitmaps in + most phases + Disable complete bitmap verification in init + mark + - [backport] Verifier performance improvements: scan objects + once, avoid double oop checks + - [backport] Verifier should not assert cset in forwarded test + block + - [backport] Verifier should print extended info on referenced + location + - [backport] Verifier should use non-optimized root scans + - [backport] Verify marked objects + - [backport] Verify TAMS and object sizes + - [backport] write barrier can get stuck below predicates + resulting in unschedulable graph + - S8140584: nmethod::oops_do_marking_epilogue always runs + verification code + - S8180175, S8180599: Cherry-pick/synchronize + - Cleanup: Removed redundant + ClassLoaderData::clear_claimed_marks() calls + - Cleanup shared code. + - Fixed memory leak in region garbage cache + - Fix return type of + ShenandoahHeapRegion::region_size_words_jint() + - Improved comment about AArch64bit addressing in assembler. + - Leak mutex in ShenandoahTaskTerminator + - Make sure C2 arguments are not used when C2 is disabled. + - Refactor parallel ClassLoaderData iterator + - Revert G1 changes and bring shared BitMap + - Add missing cmpoops() declaration to AArch64 macro assembler. + Back out matrix related code from AArch64 interpreter. + - Fix build without precompiled headers. + - Fixed build issues on Windows + +------------------------------------------------------------------- +Wed Jul 26 06:54:51 UTC 2017 - fstrba@suse.com + +- Use aarch32 instead of arm as a directory for JIT arm 32-bit + virtual machine. + +------------------------------------------------------------------- +Fri Jul 21 08:27:25 UTC 2017 - fstrba@suse.com + +- Upgrade to version jdk8u141 (icedtea 3.5.0) + * Security fixes + - S8163958, CVE-2017-10102, bsc#1049316: Improved garbage + collection + - S8167228: Update to libpng 1.6.28 + - S8169209, CVE-2017-10053, bsc#1049305: Improved image + post-processing steps + - S8169392, CVE-2017-10067, bsc#1049306: Additional jar + validation steps + - S8170966, CVE-2017-10081, bsc#1049309: Right parenthesis + issue + - S8171539, CVE-2017-10078, bsc#1049308: Better script + accessibility for JavaScript + - S8172204, CVE-2017-10087, bsc#1049311: Better Thread Pool + execution + - S8172461, CVE-2017-10089, bsc#1049312: Service Registration + Lifecycle + - S8172465, CVE-2017-10090, bsc#1049313: Better handling of + channel groups + - S8172469, CVE-2017-10096, bsc#1049314: Transform Transformer + Exceptions + - S8173286, CVE-2017-10101, bsc#1049315: Better reading of text + catalogs + - S8173697, CVE-2017-10107, bsc#1049318: Less Active + Activations + - S8173770, CVE-2017-10074, bsc#1049307: Image conversion + improvements + - S8174098, CVE-2017-10110, bsc#1049321: Better image fetching + - S8174105, CVE-2017-10108, bsc#1049319: Better naming + attribution + - S8174113, CVE-2017-10109, bsc#1049320: Better sourcing of + code + - S8174770: Check registry registration location + - S8174873: Improved certificate processing + - S8175106, CVE-2017-10115, bsc#1049324: Higher quality DSA + operations + - S8175110, CVE-2017-10118, bsc#1049326: Higher quality ECDSA + operations + - S8176055: JMX diagnostic improvements + - S8176067, CVE-2017-10116, bsc#1049325: Proper directory + lookup processing + - S8176760, CVE-2017-10135, bsc#1049328: Better handling of + PKCS8 material + - S8178135, CVE-2017-10176, bsc#1049329: Additional elliptic + curve support + - S8179101, CVE-2017-10193, bsc#1049330: Improve algorithm + constraints implementation + - S8179998, CVE-2017-10198, bsc#1049331: Clear certificate + chain connections + - S8181420, CVE-2017-10074, bsc#1049307: PPC: Image conversion + improvements + - S8183551, CVE-2017-10074, PR3423, bsc#1049307: AArch64: Image + conversion improvements + - S8184185, CVE-2017-10111, bsc#1049322: Rearrange MethodHandle + arrangements + - bsc#1049332, CVE-2017-10243: Unspecified vulnerability in + subcomponent JAX-WS + - bsc#1049327, CVE-2017-10125: Unspecified vulnerability in + subcomponent deployment + - bsc#1049323, CVE-2017-10114: Unspecified vulnerability in + subcomponent JavaFX + - bsc#1049317, CVE-2017-10105: Unspecified vulnerability in + subcomponent deployment + - bsc#1049310, CVE-2017-10086: Unspecified vulnerability in + subcomponent JavaFX +* New features + - PR3392, RH1273760: Support using RSAandMGF1 with the SHA hash + algorithms in the PKCS11 provider +* Import of OpenJDK 8 u141 build 15 (bsc#1049302) + - S8139870: sun.management.LazyCompositeData.isTypeMatched() + fails for composite types with items of ArrayType + - S8155690: Update libPNG library to the latest up-to-date + - S8159058: SAXParseException when sending soap message + - S8162461: Hang due to JNI up-call made whilst holding JNI + critical lock + - S8163889: [macosx] Can't print from browser on Mac OS X + - S8165231: java.nio.Bits.unaligned() doesn't return true on ppc + - S8165367: Additional tests for JEP 288: Disable SHA-1 + Certificates + - S8173145: Menu is activated after using mnemonic Alt/Key + combination + - S8173207: Upgrade compression library + - S8175251: Failed to load RSA private key from pkcs12 + - S8176329: jdeps to detect MR jar file and output a warning + - S8176536: Improved algorithm constraints checking + - S8176731: JCK tests in api/javax_xml/transform/ spec + conformance started failing after 8172469 + - S8176769: Remove accidental spec change in jdk8u + - S8177449: (tz) Support tzdata2017b + - S8178996: [macos] JComboBox doesn't display popup in mixed + JavaFX Swing Application on 8u131 and Mac OS 10.12 + - S8179014: JFileChooser with Windows look and feel crashes on + win 10 + - S8180582: The bind to rmiregistry is rejected by + registryFilter even though registryFilter is set + - S8181591: 8u141 L10n resource file update + - S8181698: Remove and retag 8u141-b12 tag from source + repository + - S8181946: JDK 8 THIRD_PARTY_README - Minor Cleanup + - S8182054: Improve wsdl support + - S8184235: Backout JDK-8173207 from 8u141, 7u151 and higher + updates source base +* Backports + - S8164293, PR3412, RH1459641: HotSpot leaking memory in + long-running requests + - S8175813, PR3394, RH1448880: PPC64: "mbind: Invalid argument" + when -XX:+UseNUMA is used + - S8175887, PR3415: C1 value numbering handling of + Unsafe.get*Volatile is incorrect + - S8179084, PR3409, RH1455694: HotSpot VM fails to start when + AggressiveHeap is set + - S8180048, PR3411, RH1449870: Interned string and symbol table + leak memory during parallel unlinking + - S8181055, PR3394, RH1448880: PPC64: "mbind: Invalid argument" + still seen after 8175813 + - S8181419, PR3413, RH1463144: Race in jdwp invoker handling + may lead to crashes or invalid results +* AArch64 port + - S7009641, PR3423: Don't fail VM when CodeCache is full + - S8182581, PR3423: aarch64: fix for crash caused by earlyret + of compiled method +* AArch32 port + - PR3391: Revert PR3385 as -Xshare:dump does appear to work on + AArch32 + +------------------------------------------------------------------- +Wed May 17 10:52:18 UTC 2017 - fstrba@suse.com + +- Upgrade to version jdk8u131 (icedtea 3.4.0) - bsc#1034849 + * Security fixes + - S8163520, CVE-2017-3509: Reuse cache entries + - S8163528, CVE-2017-3511: Better library loading + - S8165626, CVE-2017-3512: Improved window framing + - S8167110, CVE-2017-3514: Windows peering issue + - S8168699: Validate special case invocations + - S8169011, CVE-2017-3526: Resizing XML parse trees + - S8170222, CVE-2017-3533: Better transfers of files + - S8171121, CVE-2017-3539: Enhancing jar checking + - S8171533, CVE-2017-3544: Better email transfer + - S8172299: Improve class processing + * New features + - PR1969: Add AArch32 JIT port + - PR3297: Allow Shenandoah to be used on AArch64 + - PR3340: jstack.stp should support AArch64 + * Import of OpenJDK 8 u131 build 11 + - S6474807: (smartcardio) CardTerminal.connect() throws + CardException instead of CardNotPresentException + - S6515172, PR3346: Runtime.availableProcessors() ignores Linux + taskset command + - S7155957: + closed/java/awt/MenuBar/MenuBarStress1/MenuBarStress1.java + hangs on win 64 bit with jdk8 + - S7167293: FtpURLConnection connection leak on + FileNotFoundException + - S8035568: [macosx] Cursor management unification + - S8079595: Resizing dialog which is JWindow parent makes JVM + crash + - S8130769: The new menu can't be shown on the menubar after + clicking the "Add" button. + - S8146602: + jdk/test/sun/misc/URLClassPath/ClassnameCharTest.java test + fails with NullPointerException + - S8147842: IME Composition Window is displayed at incorrect + location + - S8147910, PR3346: Cache initial active_processor_count + - S8150490: Update OS detection code to recognize Windows + Server 2016 + - S8160951: [TEST_BUG] + javax/xml/bind/marshal/8134111/UnmarshalTest.java should be + added into :needs_jre group + - S8160958: [TEST_BUG] + java/net/SetFactoryPermission/SetFactoryPermission.java + should be added into :needs_compact2 group + - S8161147: jvm crashes when -XX:+UseCountedLoopSafepoints is + enabled + - S8161195: Regression: + closed/javax/swing/text/FlowView/LayoutTest.java + - S8161993, PR3346: G1 crashes if active_processor_count + changes during startup + - S8162876: [TEST_BUG] + sun/net/www/protocol/http/HttpInputStream.java fails + intermittently + - S8162916: Test sun/security/krb5/auto/UnboundSSL.java fails + - S8164533: sun/security/ssl/SSLSocketImpl/CloseSocket.java + failed with "Error while cleaning up threads after test" + - S8167179: Make XSL generated namespace prefixes local to + transformation process + - S8168774: Polymorhic signature method check crashes javac + - S8169465: Deadlock in com.sun.jndi.ldap.pool.Connections + - S8169589: [macosx] Activating a JDialog puts to back another + dialog + - S8170307: Stack size option -Xss is ignored + - S8170316: (tz) Support tzdata2016j + - S8170814: Reuse cache entries (part II) + - S8170888, PR3314, RH1284948: [linux] Experimental support for + cgroup memory limits in container (ie Docker) environments + - S8171388: Update JNDI Thread contexts + - S8171949: [macosx] AWT_ZoomFrame Automated tests fail with + error: The bitwise mask Frame.ICONIFIED is not setwhen the + frame is in ICONIFIED state + - S8171952: [macosx] + AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog + test fails as DummyButton on Dialog did not gain focus when + clicked. + - S8173030: Temporary backout fix #8035568 from 8u131-b03 + - S8173031: Temporary backout fix #8171952 from 8u131-b03 + - S8173783, PR3328: IllegalArgumentException: + jdk.tls.namedGroups + - S8173931: 8u131 L10n resource file update + - S8174844: Incorrect GPL header causes RE script to miss swap + to commercial header for licensee source bundle + - S8174985: NTLM authentication doesn't work with IIS if NTLM + cache is disabled + - S8176044: (tz) Support tzdata2017a + * Backports + - S6457406, PR3335: javadoc doesn't handle properly in producing index pages + - S8030245, PR3335: Update langtools to use try-with-resources + and multi-catch + - S8030253, PR3335: Update langtools to use strings-in-switch + - S8030262, PR3335: Update langtools to use foreach loops + - S8031113, PR3337: TEST_BUG: + java/nio/channels/AsynchronousChannelGroup/Basic.java fails + intermittently + - S8031625, PR3335: javadoc problems referencing inner class + constructors + - S8031649, PR3335: Clean up javadoc tests + - S8031670, PR3335: Remove unneeded -source options in javadoc + tests + - S8032066, PR3335: Serialized form has broken links to non + private inner classes of package private + - S8034174, PR2290: Remove use of JVM_* functions from java.net + code + - S8034182, PR2290: Misc. warnings in java.net code + - S8035876, PR2290: AIX build issues after '8034174: Remove use + of JVM_* functions from java.net code' + - S8038730, PR3335: Clean up the way JavadocTester is invoked, + and checks for errors. + - S8040903, PR3335: Clean up use of BUG_ID in javadoc tests + - S8040904, PR3335: Ensure javadoc tests do not overwrite + results within tests + - S8040908, PR3335: javadoc test TestDocEncoding should use + -notimestamp + - S8041150, PR3335: Avoid silly use of static methods in + JavadocTester + - S8041253, PR3335: Avoid redundant synonyms of NO_TEST + - S8043780, PR3368: Use open(O_CLOEXEC) instead of + fcntl(FD_CLOEXEC) + - S8061305, PR3335: Javadoc crashes when method name ends with + "Property" + - S8072452, PR3337: Support DHE sizes up to 8192-bits and DSA + sizes up to 3072-bits + - S8075565, PR3337: Define @intermittent jtreg keyword and mark + intermittently failing jdk tests + - S8075670, PR3337: Remove intermittent keyword from some tests + - S8078334, PR3337: Mark regression tests using randomness + - S8078880, PR3337: Mark a few more intermittently failuring + security-libs + - S8133318, PR3337: Exclude intermittent failing PKCS11 tests + on Solaris SPARC 11.1 and earlier + - S8144539, PR3337: Update PKCS11 tests to run with security + manager + - S8144566, PR3352: Custom HostnameVerifier disables SNI + extension + - S8153711, PR3313, RH1284948: [REDO] JDWP: Memory Leak: + GlobalRefs never deleted when processing invokeMethod command + - S8155049, PR3352: New tests from 8144566 fail with "No + expected Server Name Indication" + - S8173941, PR3326: SA does not work if executable is DSO + - S8174164, PR3334, RH1417266: SafePointNode::_replaced_nodes + breaks with irreducible loops + - S8174729, PR3336, RH1420518: Race Condition in + java.lang.reflect.WeakCache + - S8175097, PR3334, RH1417266: [TESTBUG] 8174164 fix missed the + test + * Bug fixes + - PR3348: Architectures unsupported by SystemTap tapsets throw + a parse error + - PR3378: Perl should be mandatory + - PR3389: javac.in and javah.in should use @PERL@ rather than a + hardcoded path + * AArch64 port + - S8168699, PR3372: Validate special case invocations [AArch64 + support] + - S8170100, PR3372: AArch64: Crash in C1-compiled code + accessing References + - S8172881, PR3372: AArch64: assertion failure: the int + pressure is incorrect + - S8173472, PR3372: AArch64: C1 comparisons with null only use + 32-bit instructions + - S8177661, PR3372: Correct ad rule output register types from + iRegX to iRegXNoSp + * AArch32 port + - PR3380: Zero should not be enabled by default on arm with the + AArch32 HotSpot build + - PR3384, S8139303, S8167584: Add support for AArch32 + architecture to configure and jdk makefiles + - PR3385: aarch32 does not support -Xshare:dump + - PR3386, S8164652: AArch32 jvm.cfg wrong for C1 build + - PR3387: Installation fails on arm with AArch32 port as + INSTALL_ARCH_DIR is arm, not aarch32 + - PR3388: Wrong path for jvm.cfg being used on arm with AArch32 + build + * Shenandoah + - Fix Shenandoah argument checking on 32bit builds. + - Import from Shenandoah tag + aarch64-shenandoah-jdk8u101-b14-shenandoah-merge-2016-07-25 + - Import from Shenandoah tag + aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-02-20 + - Import from Shenandoah tag + aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-06 + - Import from Shenandoah tag + aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-09 + - Import from Shenandoah tag + aarch64-shenandoah-jdk8u121-b14-shenandoah-merge-2017-03-23 + +------------------------------------------------------------------- +Wed Mar 1 08:41:19 UTC 2017 - fstrba@suse.com + +- Fix build of Sun Elliptical Curves Crypto provider on Tumbleweed. + Fixes bsc#1026102. +- Clean the mozilla-nss requires and move them into the headless + +------------------------------------------------------------------- +Tue Feb 21 07:18:27 UTC 2017 - asn@cryptomilk.org + +- Add a test to check that ECC is working + * new file TestECDSA.java + +------------------------------------------------------------------- +Wed Feb 1 12:54:10 UTC 2017 - fstrba@suse.com + +- Don't run bootstrap build for s390, since it is broken, instead + introduce a little cycle on this platform, in order to have + working openjdk8 + +------------------------------------------------------------------- +Sun Jan 29 20:44:57 UTC 2017 - fstrba@suse.com + +- Upgrade to version jdk8u121 (icedtea 3.3.0) - bsc#1020905 + * Security fixes + - S8138725: Add options for Javadoc generation + - S8140353: Improve signature checking + - S8151934, CVE-2017-3231: Resolve class resolution + - S8156804, CVE-2017-3241: Better constraint checking + - S8158406: Limited Parameter Processing + - S8158997: JNDI Protocols Switch + - S8159507: RuntimeVisibleAnnotation validation + - S8161218: Better bytecode loading + - S8161743, CVE-2017-3252: Provide proper login context + - S8162577: Standardize logging levels + - S8162973: Better component components + - S8164143, CVE-2017-3260: Improve components for menu items + - S8164147, CVE-2017-3261: Improve streaming socket output + - S8165071, CVE-2016-2183: Expand TLS support + - S8165344, CVE-2017-3272: Update concurrency support + - S8166988, CVE-2017-3253: Improve image processing performance + - S8167104, CVE-2017-3289: Additional class construction + refinements + - S8167223, CVE-2016-5552: URL handling improvements + - S8168705, CVE-2016-5547: Better ObjectIdentifier validation + - S8168714, CVE-2016-5546: Tighten ECDSA validation + - S8168728, CVE-2016-5548: DSA signing improvments + - S8168724, CVE-2016-5549: ECDSA signing improvments + * New features + - PR3300: wget not required when downloading is disabled + - PR3301: Support RHEL multilib installations which use the + /usr/lib/jvm/java-1.x.0-openjdk.${arch} naming + - PR3303: Allow Kerberos to be detected by old libs & headers + method if pkg-config check fails + * Import of OpenJDK 8 u112 build 16 + - S6477756: GraphicsDevice.getConfigurations() is slow taking 3 + or more seconds + - S7172749: Xrender: Class cast exception in 2D code running an + AWT regression test + - S8017629: G1: UseSHM in combination with a G1HeapRegionSize > + os::large_page_size() falls back to use small pages + - S8022203: Intermittent test failures in demo/jvmti/hprof + - S8022582: Relax response flags checking in + sun.security.krb5.KrbKdcRep.check. + - S8027575: b113 causing a lot of memory allocation and + regression for wls_webapp_atomics + - S8028486: java/awt/Window/WindowsLeak/WindowsLeak.java fails + - S8030780: test/com/sun/corba/cachedSocket/7056731.sh leaves + HelloServer behind + - S8036630: Null ProtectionDomain in JVM can cause NPE because + principals field is not initialized to an empty array + - S8042660: vm/mlvm/anonloader/stress/byteMutation failed with: + assert(index >=0 && index < _length) failed: symbol index + overflow + - S8044193: Need to add known answer tests for AES cipher + - S8044575: testlibrary_tests/whitebox/vm_flags/UintxTest.java + failed: assert(!res || + TypeEntriesAtCall::arguments_profiling_enabled()) failed: no + profiling of arguments + - S8048601: Tests for JCE crypto ciphers (part 1) + - S8048621: Implement basic keystore tests + - S8048622: Enhance tests for PKCS11 keystores with NSS + - S8049021: Add smartcardio tests with APDU buffer + - S8049312: AES/CICO test failed with on several modes + - S8050402: Tests to check for use of policy files + - S8050409: Test for JAAS getPrivateCredentials + - S8054326: Confusing message in "Current rem set statistics" + - S8055772: get_source.sh : version check assumes English + localization + - S8057791: Selection in JList is drawn with wrong colors in + Nimbus L&F + - S8058865: JMX Test Refactoring + - S8067964: Native2ascii doesn't close one of the streams it + opens + - S8071487: + javax/management/monitor/GaugeMonitorDeadlockTest.java timed + out + - S8071909: Port testlibrary improvments in jdk/test to + hotspot/test as required for DCMD test port + - S8073542: File Leak in + jdk/src/java/base/unix/native/libnet/PlainDatagramSocketImpl.c + - S8074784: Additional tests for XML DSig API + - S8075007: Additional tests for krb5-related cipher suites + with unbound server + - S8075297: Tests for RFEs 4515853 and 4745056 + - S8075299: Additional tests for krb5 settings + - S8075301: Tests for sun.security.krb5.principal system + property + - S8077276: allocating heap with UseLargePages and HugeTLBFS + may trash existing memory mappings (linux) + - S8078268: javax.swing.text.html.parser.Parser parseScript + incorrectly optimized + - S8078382: Wrong glyph is displayed for a derived font + - S8080729: [macosx] java 7 and 8 JDialogs on multiscreen jump + to parent frame on focus + - S8085903: New fix for memory leak in ProtectionDomain cache + - S8098581: SecureRandom.nextBytes() hurts performance with + small size requests + - S8129740: Incorrect class file created when passing lambda in + inner class constructor + - S8130127: streamline input parameter of Nashorn scripting + $EXEC function + - S8130309: Need to bailout cleanly if creation of stubs fails + when codecache is out of space + - S8130317: "ant test" fails to complete on Windows when run + under cygwin shell + - S8133070: Hot lock on BulkCipher.isAvailable + - S8133309: Some unicode characters do not display any more + after upgrading to Windows 10 + - S8134232: KeyStore.load() throws an IOException with a wrong + cause in case of wrong password + - S8135322: ConstantPool::release_C_heap_structures not run in + some circumstances + - S8136998: JComboBox prevents wheel mouse scrolling of + JScrollPane + - S8137240: Negative lookahead in RegEx breaks backreference + - S8138906: [TEST_BUG] Test test/script/trusted/JDK-8087292.js + intermittently fails. + - S8141148: LDAP "follow" throws ClassCastException with Java 8 + - S8141541: Simplify Nashorn's Context class loader handling + - S8143640: Showing incorrect result while passing specific + argument in the Java launcher tools + - S8143642: Nashorn shebang argument handling is broken + - S8144160: Regression: two tests fail on Windows with "ant + test" target + - S8144221: fix Nashorn shebang argument handling on Mac/Linux + - S8144703: ClassCastException: sun.font.CompositeFont cannot + be cast to PhysicalFont + - S8145305: fix Nashorn shebang handling on Cygwin + - S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks + - S8146975: NullPointerException in + IIOPInputStream.inputClassFields + - S8147026: Convert an assert in ClassLoaderData to a guarantee + - S8147451: Crash in + Method::checked_resolve_jmethod_id(_jmethodID*) + - S8147585: Annotations with lambda expressions has parameter + result in wrong behavior. + - S8147969: Print size of DH keysize when errors are encountered + - S8148140: arguments are handled differently in apply for JS + functions and AbstractJSObjects + - S8148984: [macosx] Chinese Comma cannot be entered using + Pinyin Input Method on OS X + - S8150219: ReferenceError in 1.8.0_72 + - S8150234: Windows 10 App Containers disallow access to ICMP + calls + - S8150814: correct package declaration in Nashorn test + - S8151722: TESTBUG: New test compiler/native/TestDirtyInt.sh + should be modified + - S8153149: Uninitialised memory in WinAccessBridge.cpp:1128 + - S8153192: (se) Selector.select(long) uses wrong timeout after + EINTR (lnx) + - S8153781: Issue in XMLScanner: + EXPECTED_SQUARE_BRACKET_TO_CLOSE_INTERNAL_SUBSET when skipping + large DOCTYPE section with CRLF at wrong place + - S8153948: sun/security/mscapi/ShortRSAKey1024.sh fails with + "Field length overflow" + - S8154009: Some methods of java.security.Security require more + permissions, than necessary + - S8154069: Jaws reads wrong values from comboboxes when no + element is selected + - S8154144: Tests in com/sun/jdi fails intermittently with "jdb + input stream closed prematurely" + - S8154469: Update FSF address + - S8154553: Incorrect GPL header in package-info.java reported + - S8154558: Incorrect GPL header in ProcessEnvironment_md.c + reported + - S8154816: Caps Lock doesn't work as expected when using + Pinyin Simplified input method + - S8154831: CastII/ConvI2L for a range check is prematurely + eliminated + - S8155001: SystemTray.remove() leaks GDI Objects in Windows + - S8155106: MHs.Lookup.findConstructor returns handles for + array classes + - S8155214: java/lang/invoke/PermuteArgsTest.java fails due to + exhausted code cache + - S8156478: 3 Buffer overrun defect groups in jexec.c + - S8156521: Minor fixes and cleanups in NetworkInterface.c + - S8156714: Parsing issue with automatic semicolon insertion + - S8156836: SIGSEGV: Test + test/compiler/jsr292/VMAnonymousClasses.java fails with JTREG + 4.2 b02 + - S8156896: Script stack trace should display function names + - S8157160: JSON.stringify does not work on ScriptObjectMirror + objects + - S8157242: Some java/lang/invoke tests miss othervm + - S8157444: exclude jjs shebang handling test from runs + - S8157603: TestCipher.java doesn't check one of the decrypted + message as expected + - S8157680: Callback parameter of any JS builtin implementation + should accept any Callable + - S8157819: TypeError when a java.util.Comparator object is + invoked as a function + - S8158059: The fix for 8050402 was partially committed + - S8158072: Need a test for JDK-7172749 + - S8158111: Make handling of 3rd party providers more stable + - S8158178: java.awt.SplashScreen.getSize() returns incorrect + size for high dpi splash screens + - S8158338: Nashorn's ScriptLoader split delegation has to be + adjusted + - S8158373: SIGSEGV: Metadata::mark_on_stack + - S8158467: AccessControlException is thrown on public Java + class access if "script app loader" is set to null + - S8158495: CCE: sun.java2d.NullSurfaceData cannot be cast to + sun.java2d.opengl.OGLSurfaceData + - S8158802: com.sun.jndi.ldap.SimpleClientId produces wrong + hash code + - S8158871: Long response times with G1 and StringDeduplication + - S8159822: Non-synchronized access to shared members of + com.sun.jndi.ldap.pool.Pool + - S8160122: Backport of JDK-8159244 used wrong version of the + JDK 9 fix + - S8160518: Semicolon is not recognized as comment starting + character (Kerberos) + - S8160693: ScriptRunData.java uses bitwise AND instead of + logical AND + - S8161144: Fix for JDK-8147451 failed: Crash in + Method::checked_resolve_jmethod_id(_jmethodID*) + - S8162510: 8u112 L10n resource file updates + - S8164453: 8u112 L10n resource file update - msgdrop 20 + * Import of OpenJDK 8 u121 build 13 + - S8037099: [macosx] Remove all references to GC from native + OBJ-C code + - S8059212: Modify sun/security/smartcardio manual regression + tests so that they do not just fail if no cardreader found + - S8139565: Restrict certificates with DSA keys less than 1024 + bits + - S8140422: Add mechanism to allow non default root CAs to be + not subject to algorithm restrictions + - S8148516: Improve the default strength of EC in JDK + - S8151893: Add security property to configure XML Signature + secure validation mode + - S8152438: Threads may do significant work out of the + non-shared overflow buffer + - S8153438: Avoid repeated "Please insert a smart card" popup + windows + - S8154005: Add algorithm constraint that specifies the + restriction date + - S8154015: Apply algorithm constraints to timestamped code + - S8159410: InetAddress.isReachable returns true for non + existing IP adresses + - S8160108: Implement Serialization Filtering + - S8161228: URL objects with custom protocol handlers have port + changed after deserializing + - S8161571: Verifying ECDSA signatures permits trailing bytes + - S8163304: jarsigner -verbose -verify should print the + algorithms used to sign the jar + - S8163583: [macosx] Press "To Back" button on the Dialog, the + Dialog moves behind the Frame + - S8164908: ReflectionFactory support for IIOP and custom + serialization + - S8165230: RMIConnection addNotificationListeners failing with + specific inputs + - S8166389: [TEST_BUG] + closed/java/security/Security/ReadProp/ReadProp.sh failing + - S8166393: disabledAlgorithms property should not be strictly + parsed + - S8166432: Bad 8u112 merge of + sun/security/tools/jarsigner/warnings/Test.java + - S8166591: [macos 10.12] Trackpad scrolling of text on OS X + 10.12 Sierra is very fast (Trackpad, Retina only) + - S8166739: Improve extensibility of ObjectInputFilter + information passed to the filter + - S8166875: (tz) Support tzdata2016g + - S8166878: Connection reset during TLS handshake + - S8167356: Follow up fix for jdk8 backport of 8164143. Changes + for CMenuComponent.m were missed + - S8167459: Add debug output for indicating if a chosen + ciphersuite was legacy + - S8167472: Chrome interop regression with JDK-8148516 + - S8167591: Add MD5 to signed JAR restrictions + - S8168861: AnchorCertificates uses hardcoded password for + cacerts keystore + - S8168963: Backout JDK-8154005 + - S8168993: JDK8u121 L10n resource file update + - S8169072: Backout JDK-8154015 + - S8169191: (tz) Support tzdata2016i + - S8169688: Backout (remove) MD5 from + jdk.jar.disabledAlgorithms for January CPU + - S8169911: Enhanced tests for jarsigner -verbose -verify after + JDK-8163304 + - S8170131: Certificates not being blocked by + jdk.tls.disabledAlgorithms property + - S8170268: 8u121 L10n resource file update - msgdrop 20 + * Bug fixes + - PR3271: Always round glyph advance in 26.6 space + - PR3271: Fix compatibility with vanilla Fontconfig + - PR3271: Fix glyph y advance + - PR3271: Replace 'infinality' with 'improved font rendering' + (--enable-improved-font-rendering) + - PR3271: Simplify glyph advance handling + - PR3286: -ffp-contract not available on older GCCs + - PR3302: zip should be optional, as it's only used in the + manually invoked dist-openjdk and dist-openjdk-fsg rules + - PR3304: zip still a requirement of the underlying OpenJDK + build + * PPC port + - S8170873, PR3280: PPC64/aarch64: Poor StrictMath performance + due to non-optimized compilation + * AArch64 port + - S8130309, PR3280: Need to bailout cleanly if creation of + stubs fails when codecache is out of space (AArch64 changes) + - S8132875, PR3280: AArch64: Fix error introduced into AArch64 + CodeCache by commit for 8130309 + - S8165673, PR3280: AArch64: Fix JNI floating point argument + handling + - S8170188, PR3280: jtreg test + compiler/types/TestMeetIncompatibleInterfaceArrays.java causes + JVM crash + - S8170873, PR3280: PPC64/aarch64: Poor StrictMath performance + due to non-optimized compilation +- Modified patch: + * java-1_8_0-openjdk-gcc6.patch + - rediff to changed context +- Require the exact version of mozilla-nss that the package was + built against (bsc#1022053) + +------------------------------------------------------------------- +Wed Nov 9 16:08:00 UTC 2016 - fstrba@suse.com + +- Upgrade to version jdk8u111 (icedtea 3.2.0) + * Security fixes + + S8146490: Direct indirect CRL checks + + S8151921: Improved page resolution + + S8155968: Update command line options + + S8155973, CVE-2016-5542: Tighten jar checks (bsc#1005522) + + S8156794: Extend data sharing + + S8157176: Improved classfile parsing + + S8157739, CVE-2016-5554: Classloader Consistency Checking + (bsc#1005523) + + S8157749: Improve handling of DNS error replies + + S8157753: Audio replay enhancement + + S8157759: LCMS Transform Sampling Enhancement + + S8157764: Better handling of interpolation plugins + + S8158302: Handle contextual glyph substitutions + + S8158993, CVE-2016-5568: Service Menu services (bsc#1005525) + + S8159495: Fix index offsets + + S8159503: Amend Annotation Actions + + S8159511: Stack map validation + + S8159515: Improve indy validation + + S8159519, CVE-2016-5573: Reformat JDWP messages (bsc#1005526) + + S8160090: Better signature handling in pack200 + + S8160094: Improve pack200 layout + + S8160098: Clean up color profiles + + S8160591, CVE-2016-5582: Improve internal array handling + (bsc#1005527) + + S8160838, CVE-2016-5597: Better HTTP service (bsc#1005528) + + PR3206, RH1367357: lcms2: Out-of-bounds read in + Type_MLU_Read() + + CVE-2016-5556 (bsc#1005524) + * New features + + PR1370: Provide option to build without debugging + + PR1375: Provide option to strip and link debugging info after + build + + PR1537: Handle alternative Kerberos credential cache + locations + + PR1978: Allow use of system PCSC + + PR2445: Support system libsctp + + PR3182: Support building without pre-compiled headers + + PR3183: Support Fedora/RHEL system crypto policy + + PR3221: Use pkgconfig to detect Kerberos CFLAGS and libraries + * Import of OpenJDK 8 u102 build 14 + + S4515292: ReferenceType.isStatic() returns true for arrays + + S4858370: JDWP: Memory Leak: GlobalRefs never deleted when + processing invokeMethod command + + S6976636: JVM/TI test ex03t001 fails assertion + + S7185591: jcmd-big-script.sh ERROR: could not find app's Java + pid. + + S8017462: G1: guarantee fails with + UseDynamicNumberOfGCThreads + + S8034168: ThreadMXBean/Locks.java failed, blocked on wrong + object + + S8036006: [TESTBUG] sun/tools/native2ascii/NativeErrors.java + fails: Process exit code was 0, but error was expected. + + S8041781: Need new regression tests for PBE keys + + S8041787: Need new regressions tests for buffer handling for + PBE algorithms + + S8043836: Need new tests for AES cipher + + S8044199: Tests for RSA keys and key specifications + + S8044772: TempDirTest.java still times out with -Xcomp + + S8046339: sun.rmi.transport.DGCAckHandler leaks memory + + S8047031: Add SocketPermission tests for legacy socket types + + S8048052: Permission tests for setFactory + + S8048138: Tests for JAAS callbacks + + S8048147: Privilege tests with JAAS Subject.doAs + + S8048356: SecureRandom default provider tests + + S8048357: PKCS basic tests + + S8048360: Test signed jar files + + S8048362: Tests for doPrivileged with accomplice + + S8048596: Tests for AEAD ciphers + + S8048599: Tests for key wrap and unwrap operations + + S8048603: Additional tests for MAC algorithms + + S8048604: Tests for strong crypto ciphers + + S8048607: Test key generation of DES and DESEDE + + S8048610: Implement regression test for bug fix of 4686632 + in JCE + + S8048617: Tests for PKCS12 read operations + + S8048618: Tests for PKCS12 write operations. + + S8048619: Implement tests for converting PKCS12 keystores + + S8048624: Tests for SealedObject + + S8048819: Implement reliability test for DH algorithm + + S8048820: Implement tests for SecretKeyFactory + + S8048830: Implement tests for new functionality provided in + JEP 166 + + S8049237: Need new tests for X509V3 certificates + + S8049321: Support SHA256WithDSA in JSSE + + S8049429: Tests for java client server communications with + various TLS/SSL combinations. + + S8049432: New tests for TLS property jdk.tls.client.protocols + + S8049814: Additional SASL client-server tests + + S8050281: New permission tests for JEP 140 + + S8050370: Need new regressions tests for messageDigest with + DigestIOStream + + S8050371: More MessageDigest tests + + S8050374: More Signature tests + + S8050427: LoginContext tests to cover JDK-4703361 + + S8050460: JAAS login/logout tests with LoginContext + + S8050461: Tests for syntax checking of JAAS configuration + file + + S8054278: Refactor jps utility tests + + S8055530: assert(_exits.control()->is_top() || + !_gvn.type(ret_phi)->empty()) failed: return value must be + well defined + + S8055844: [TESTBUG] + test/runtime/NMT/VirtualAllocCommitUncommitRecommit.java + fails on Solaris Sparc due to incorrect page size being used + + S8059677: Thread.getName() instantiates Strings + + S8061464: A typo in CipherTestUtils test + + S8062536: [TESTBUG] Conflicting GC combinations in jdk tests + + S8065076: java/net/SocketPermission/SocketPermissionTest.java + fails intermittently + + S8065078: NetworkInterface.getNetworkInterfaces() triggers + intermittent test failures + + S8066871: java.lang.VerifyError: Bad local variable type - + local final String + + S8068427: Hashtable deserialization reconstitutes table with + wrong capacity + + S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs + to be updated for JDK-8061210 + + S8069253: javax/net/ssl/TLS/TestJSSE.java failed on Mac + + S8071125: Improve exception messages in URLPermission + + S8072081: Supplementary characters are rejected in comments + + S8072463: Remove requirement that AKID and SKID have to match + when building certificate chain + + S8072725: Provide more granular levels for GC verification + + S8073400: Some Monospaced logical fonts have a different + width + + S8073872: Schemagen fails with StackOverflowError if element + references containing class + + S8074931: Additional tests for CertPath API + + S8075286: Additional tests for signature algorithm OIDs and + transformation string + + S8076486: [TESTBUG] + javax/security/auth/Subject/doAs/NestedActions.java fails if + extra VM options are given + + S8076545: Text size is twice bigger under Windows L&F on Win + 8.1 with HiDPI display + + S8076995: gc/ergonomics/TestDynamicNumberOfGCThreads.java + failed with java.lang.RuntimeException: 'new_active_workers' + missing from stdout/stderr + + S8079138: Additional negative tests for XML signature + processing + + S8081512: Remove sun.invoke.anon classes, or move / co-locate + them with tests + + S8081771: ProcessTool.createJavaProcessBuilder() needs new + addTestVmAndJavaOptions argument + + S8129419: heapDumper.cpp: assert(length_in_bytes > 0) failed: + nothing to copy + + S8130150: Implement BigInteger.montgomeryMultiply intrinsic + + S8130242: DataFlavorComparator transitivity exception + + S8130304: Inference: NodeNotFoundException thrown with deep + generic method call chain + + S8130425: libjvm crash due to stack overflow in executables + with 32k tbss/tdata + + S8133023: ParallelGCThreads is not calculated correctly + + S8134111: Unmarshaller unmarshalls XML element which doesn't + have the expected namespace + + S8135259: InetAddress.getAllByName only reports "unknown + error" instead of actual cause + + S8136506: Include sun.arch.data.model as a property that can + be queried by jtreg + + S8137068: Tests added in JDK-8048604 fail to compile + + S8139040: Fix initializations before ShouldNotReachHere() + etc. and enable -Wuninitialized on linux. + + S8139581: AWT components are not drawn after removal and + addition to a container + + S8141243: Unexpected timezone returned after parsing a date + + S8141420: Compiler runtime entries don't hold Klass* from + being GCed + + S8141445: Use of Solaris/SPARC M7 libadimalloc.so can + generate unknown signal in hs_err file + + S8141551: C2 can not handle returns with inccompatible + interface arrays + + S8143377: Test PKCS8Test.java fails + + S8143647: Javac compiles method reference that allows results + in an IllegalAccessError + + S8144144: ORB destroy() leaks filedescriptors after + unsuccessful connection + + S8144593: Suppress not recognized property/feature warning + messages from SAXParser + + S8144957: Remove PICL warning message + + S8145039: JAXB marshaller fails with ClassCastException on + classes generated by xjc + + S8145228: Java Access Bridge, + getAccessibleStatesStringFromContext doesn't wrap the call to + getAccessibleRole + + S8145388: URLConnection.guessContentTypeFromStream returns + image/jpg for some JPEG images + + S8145974: XMLStreamWriter produces invalid XML for surrogate + pairs on OutputStreamWriter + + S8146035: Windows - With LCD antialiasing, some glyphs are + not rendered correctly + + S8146192: Add test for JDK-8049321 + + S8146274: Thread spinning on WeakHashMap.getEntry() with + concurrent use of nashorn + + S8147468: Allow users to bound the size of buffers cached in + the per-thread buffer caches + + S8147645: get_ctrl_no_update() code is wrong + + S8147807: crash in libkcms.so on linux-sparc + + S8148379: jdk.nashorn.api.scripting spec. adjustments, + clarifications + + S8148627: RestrictTestMaxCachedBufferSize.java to 64-bit + platforms + + S8148820: Missing @since Javadoc tag in Logger.log(Level, + Supplier) + + S8148926: Call site profiling fails on braces-wrapped + anonymous function + + S8149017: Delayed provider selection broken in RSA client key + exchange + + S8149029: Secure validation of XML based digital signature + always enabled when checking wrapping attacks + + S8149330: Capacity of StringBuilder should not get close to + Integer.MAX_VALUE unless necessary + + S8149334: JSON.parse(JSON.stringify([])).push(10) creates an + array containing two elements + + S8149368: [hidpi] JLabel font is twice bigger than JTextArea + font on Windows 7,HiDPI, Windows L&F + + S8149411: PKCS12KeyStore cannot extract AES Secret Keys + + S8149417: Use final restricted flag + + S8149450: LdapCtx.processReturnCode() throwing Null Pointer + Exception + + S8149453: [hidpi] JFileChooser does not scale properly on + Windows with HiDPI display and Windows L&F + + S8149543: range check CastII nodes should not be split + through Phi + + S8149743: JVM crash after debugger hotswap with lambdas + + S8149744: fix testng.jar delivery in Nashorn build.xml + + S8149915: enabling validate-annotations feature for xsd + schema with annotation causes NPE + + S8150002: Check for the validity of oop before printing it in + verify_remembered_set + + S8150470: JCK: api/xsl/conf/copy/copy19 test failure + + S8150518: G1 GC crashes at + G1CollectedHeap::do_collection_pause_at_safepoint(double) + + S8150533: Test + java/util/logging/LogManagerAppContextDeadlock.java times out + intermittently. + + S8150704: XALAN: ERROR: 'No more DTM IDs are available' when + transforming with lots of temporary result trees + + S8150780: Repeated offer and remove on ConcurrentLinkedQueue + lead to an OutOfMemoryError + + S8151064: com/sun/jdi/RedefineAddPrivateMethod.sh fails + intermittently + + S8151197: [TEST_BUG] Need to backport fix for + test/javax/net/ssl/TLS/TestJSSE.java + + S8151352: jdk/test/sample fails with "effective library path + is outside the test suite" + + S8151431: DateFormatSymbols triggers this.clone() in the + constructor + + S8151535: TESTBUG: java/lang/invoke/AccessControlTest.java + should be modified to run with JTREG 4.1 b13 + + S8151731: Add new jtreg keywords to jdk 8 + + S8151998: VS2010 ThemeReader.cpp(758) : error C3861: 'round': + identifier not found + + S8152927: Incorrect GPL header in StubFactoryDynamicBase.java + reported + + S8153252: SA: Hotspot build on Windows fails if make/closed + folder does not exist + + S8153531: Improve exception messaging for RSAClientKeyExchange + + S8153641: assert(thread_state == _thread_in_native) failed: + Assumed thread_in_native while heap dump + + S8153673: [BACKOUT] JDWP: Memory Leak: GlobalRefs never + deleted when processing invokeMethod command + + S8154304: NullpointerException at + LdapReferralException.getReferralContext + + S8154722: Test gc/ergonomics/TestDynamicNumberOfGCThreads.java + fails + + S8157078: 8u102 L10n resource file updates + + S8157838: Personalized Windows Font Size is not taken into + account in Java8u102 + * Import of OpenJDK 8 u111 build 14 + + S6882559: new JEditorPane("text/plain","") fails for null + context class loader + + S8049171: Additional tests for jarsigner's warnings + + S8063086: Math.pow yields different results upon repeated + calls + + S8140530: Creating a VolatileImage with size 0,0 results in + no longer working g2d.drawString + + S8142926: OutputAnalyzer's shouldXXX() calls return this + + S8147077: IllegalArgumentException thrown by + api/java_awt/Component/FlipBufferStrategy/indexTGF_General + + S8148127: IllegalArgumentException thrown by JCK test + api/java_awt/Component/FlipBufferStrategy/indexTGF_General + in opengl pipeline + + S8150611: Security problem on sun.misc.resources.Messages* + + S8153399: Constrain AppCDS behavior (back port) + + S8157653: [Parfait] Uninitialised variable in awt_Font.cpp + + S8158734: JEditorPane.createEditorKitForContentType throws + NPE after 6882559 + + S8158994: Service Menu services + + S8159684: (tz) Support tzdata2016f + + S8160904: Typo in code from 8079718 fix : + enableCustomValueHanlde + + S8160934: isnan() is not available on older MSVC compilers + + S8161141: correct bugId for JDK-8158994 fix push + + S8162411: Service Menu services 2 + + S8162419: closed/com/oracle/jfr/runtime/TestVMInfoEvent.sh + failing after JDK-8155968 + + S8162511: 8u111 L10n resource file updates + + S8162792: Remove constraint DSA keySize < 1024 from + jdk.jar.disabledAlgorithms in jdk8 + + S8164452: 8u111 L10n resource file update - msgdrop 20 + + S8165816: jarsigner -verify shows jar unsigned if it was + signed with a weak algorithm + + S8166381: Back out changes to the java.security file to not + disable MD5 + * Backports + + S8078628, PR3208: Zero build fails with pre-compiled headers + disabled + + S8141491, PR3159, G592292: Unaligned memory access in Bits.c + + S8157306, PR3121: Random infrequent null pointer exceptions + in javac (enabled on AArch64 only) + + S8162384, PR3122: Performance regression: bimorphic inlining + may be bypassed by type speculation + * Bug fixes + + PR3123: Some object files built without -fPIC on x86 only + + PR3126: pax-mark-vm script calls "exit -1" which is invalid + in dash + + PR3127, G590348: Only apply PaX markings by default on + running PaX kernels + + PR3199: Invalid nashorn URL + + PR3201: Update infinality configure test + + PR3218: PR3159 leads to build failure on clean tree + * AArch64 port + + S8131779, PR3220: AARCH64: add Montgomery multiply intrinsic + + S8167200, PR3220: AArch64: Broken stack pointer adjustment in + interpreter + + S8167421, PR3220: AArch64: in one core system, fatal error: + Illegal threadstate encountered + + S8167595, PR3220: AArch64: SEGV in stub code + cipherBlockChaining_decryptAESCrypt + + S8168888, PR3220: Port 8160591: Improve internal array + handling to AArch64. + * Shenandoah + + PR3224: Shenandoah broken when building without pre-compiled + headers +- Modified patch: + * java-1_8_0-openjdk-gcc6.patch + + rediff to a changed context +- Build against system kerberos for openSUSE 13.1 and greater and + SLE12 +- Build against system pcsc and sctp for openSUSE 13.2 and greater + and SLE12 + +------------------------------------------------------------------- +Wed Sep 21 09:50:30 UTC 2016 - fstrba@suse.com + +- Added patch: + * s390-java-opts.patch + - Solve memory issues when building s390 version + +------------------------------------------------------------------- +Tue Jul 26 05:57:42 UTC 2016 - fstrba@suse.com + +- Upgrade to version jdk8u101 (icedtea 3.1.0) +- New in release 3.1.0 (2016-07-25): + * Security fixes + - S8079718, CVE-2016-3458: IIOP Input Stream Hooking + (bsc#989732) + - S8145446, CVE-2016-3485: Perfect pipe placement (Windows + only) (bsc#989734) + - S8146514: Enforce GCM limits + - S8147771: Construction of static protection domains under + Javax custom policy + - S8148872, CVE-2016-3500: Complete name checking (bsc#989730) + - S8149070: Enforce update ordering + - S8149962, CVE-2016-3508: Better delineation of XML processing + (bsc#989731) + - S8150752: Share Class Data + - S8151925: Font reference improvements + - S8152479, CVE-2016-3550: Coded byte streams (bsc#989733) + - S8153312: Constrain AppCDS behavior + - S8154475, CVE-2016-3587: Clean up lookup visibility + (bsc#989721) + - S8155981, CVE-2016-3606: Bolster bytecode verification + (bsc#989722) + - S8155985, CVE-2016-3598: Persistent Parameter Processing + (bsc#989723) + - S8158571, CVE-2016-3610: Additional method handle validation + (bsc#989725) + - CVE-2016-3552 (bsc#989726) + - CVE-2016-3511 (bsc#989727) + - CVE-2016-3503 (bsc#989728) + - CVE-2016-3498 (bsc#989729) + * New features + - S8145547, PR1061: [AWT/Swing] Conditional support for GTK 3 + on Linux + - PR2821: Support building OpenJDK with --disable-headful + - PR2931, G478960: Provide Infinality Support via fontconfig + - PR3079: Provide option to build Shenandoah on x86_64 + * Import of OpenJDK 8 u92 build 14 + - S6869327: Add new C2 flag to keep safepoints in counted + loops. + - S8022865: [TESTBUG] Compressed Oops testing needs to be + revised + - S8029630: Thread id should be displayed as a hex number in + error report + - S8029726: On OS X some dtrace probe names are mismatched with + Solaris + - S8029727: On OS X dtrace probes + CallMethodA/CallMethodV are not fired. + - S8029728: On OS X dtrace probes SetStaticBooleanField are not + fired + - S8038184: XMLSignature throws StringIndexOutOfBoundsException + if ID attribute value is empty String + - S8038349: Signing XML with DSA throws Exception when key is + larger than 1024 bits + - S8041501: ImageIO reader is not capable of reading JPEGs + without JFIF header + - S8041900: [macosx] Java forces the use of discrete GPU + - S8044363: Remove special build options for unpack200 executable + - S8046471: Use OPENJDK_TARGET_CPU_ARCH instead of legacy value + for hotspot ARCH + - S8046611: Build errors with gcc on sparc/fastdebug + - S8047763: Recognize sparc64 as a sparc platform + - S8048232: Fix for 8046471 breaks PPC64 build + - S8052396: Catch exceptions resulting from missing font cmap + - S8058563: InstanceKlass::_dependencies list isn't cleared from + empty nmethodBucket entries + - S8061624: [TESTBUG] Some tests cannot be ran under compact + profiles and therefore shall be excluded + - S8062901: Iterators is spelled incorrectly in the Javadoc for + Spliterator + - S8064330: Remove SHA224 from the default support list if + SunMSCAPI enabled + - S8065579: WB method to start G1 concurrent mark cycle should + be introduced + - S8065986: Compiler fails to NullPointerException when calling + super with Object<>() + - S8066974: Compiler doesn't infer method's generic type + information in lambda body + - S8067800: Clarify java.time.chrono.Chronology.isLeapYear for + out of range years + - S8068033: JNI exception pending in jdk/src/share/bin/java.c + - S8068042: Check jdk/src/share/native/sun/misc/URLClassPath.c + for JNI pending + - S8068162: jvmtiRedefineClasses.cpp: guarantee(false) failed: + OLD and/or OBSOLETE method(s) found + - S8068254: Method reference uses wrong qualifying type + - S8074696: Remote debugging session hangs for several minutes + when calling findBootType + - S8074935: jdk8 keytool doesn't validate pem files for RFC 1421 + correctness, as jdk7 did + - S8078423: [TESTBUG] javax/print/PrintSEUmlauts/PrintSEUmlauts.java + relies on system locale + - S8080492: [Parfait] Uninitialised variable in + jdk/src/java/desktop/windows/native/libawt/ + - S8080650: Enable stubs to use frame pointers correctly + - S8122944: perfdata used is seen as too high on sparc zone with + jdk1.9 and causes a test failure + - S8129348: Debugger hangs in trace mode with TRACE_SENDS + - S8129847: Compiling methods generated by Nashorn triggers high + memory usage in C2 + - S8130506: javac AssertionError when invoking + MethodHandle.invoke with lambda parameter + - S8130910: hsperfdata file is created in wrong directory and + not cleaned up if /tmp/hsperfdata_ has wrong permissions + - S8131129: Attempt to define a duplicate BMH$Species class + - S8131665: Bad exception message in HandshakeHash.getFinishedHash + - S8131782: C1 Class.cast optimization breaks when Class is + loaded from static final + - S8132503: [macosx] Chinese full stop symbol cannot be entered + with Pinyin IM on OS X + - S8133207: ParallelProbes.java test fails after changes for + JDK-8080115 + - S8133924: NPE may be thrown when xsltc select a non-existing + node after JDK-8062518 + - S8134007: Improve string folding + - S8134759: jdb: Incorrect stepping inside finally block + - S8134963: [Newtest] New stress test for changing the coarseness + level of G1 remembered set + - S8136442: Don't tie Certificate signature algorithms to + ciphersuites + - S8137106: EUDC (End User Defined Characters) are not displayed + on Windows with Java 8u60+ + - S8138745: Implement ExitOnOutOfMemory and CrashOnOutOfMemory + in HotSpot + - S8138764: In some cases the usage of TreeLock can be replaced + by other synchronization + - S8139373: [TEST_BUG] java/net/MulticastSocket/MultiDead.java + failed with timeout + - S8139424: SIGSEGV, Problematic frame: # V [libjvm.so+0xd0c0cc] + void InstanceKlass::oop_oop_iterate_oop_maps_specialized + - S8139436: sun.security.mscapi.KeyStore might load incomplete + data + - S8139751: Javac crash with -XDallowStringFolding=false + - S8139863: [TESTBUG] Need to port tests for JDK-8134903 to + 8u-dev + - S8139985: JNI exception pending in + jdk/src/jdk/hprof/agent/share/native/libhprof + - S8140031: SA: Searching for a value in Threads does not work + - S8140249: JVM Crashing During startUp If Flight Recording is + enabled + - S8140344: add support for 3 digit update release numbers + - S8140587: Atomic*FieldUpdaters should use Class.isInstance + instead of direct class check + - S8141260: isReachable crash in windows xp + - S8143297: Nashorn compilation time reported in nanoseconds + - S8143397: It looks like InetAddress.isReachable(timeout) works + incorrectly + - S8143855: Bad printf formatting in frame_zero.cpp + - S8143896: java.lang.Long is implicitly converted to double + - S8143963: improve ClassLoader::trace_class_path to accept an + additional outputStream* arg + - S8144020: Remove long as an internal numeric type + - S8144131: ArrayData.getInt implementations do not convert to + int32 + - S8144483: One long Safepoint pause directly after each GC log + rotation + - S8144487: PhaseIdealLoop::build_and_optimize() must restore + major_progress flag if skip_loop_opts is true + - S8144885: agent/src/os/linux/libproc.h needs to support + Linux/SPARC builds + - S8144935: C2: safepoint is pruned from a non-counted loop + - S8144937: [TEST_BUG] testlibrary_tests should be excluded for + compact1 and compact2 execution + - S8145017: Add support for 3 digit hotspot minor version numbers + - S8145099: Better error message when SA can't attach to a process + - S8145442: Add the facility to verify remembered sets for G1 + - S8145466: javac: No line numbers in compilation error + - S8145539: (coll) AbstractMap.keySet and .values should not be + volatile + - S8145550: Megamorphic invoke should use CompiledFunction + variants without any LinkLogic + - S8145669: apply2call optimized callsite fails after becoming + megamorphic + - S8145722: NullPointerException in javadoc + - S8145754: PhaseIdealLoop::is_scaled_iv_plus_offset() does not + match AddI + - S8146147: Java linker indexed property getter does not work + for computed nashorn string + - S8146566: OpenJDK build can't handle commas in LDFLAGS + - S8146725: Issues with SignatureAndHashAlgorithm.getSupportedAlgorithms + - S8146979: Backport of 8046471 breaks ppc64 build in jdk8u + because 8072383 was badly backported before + - S8147087: Race when reusing PerRegionTable bitmaps may result + in dropped remembered set entries + - S8147630: Wrong test result pushed to 8u-dev + - S8147845: Varargs Array functions still leaking longs + - S8147857: RMIConnector logs attribute names incorrectly + - S8148353: [linux-sparc] Crash in libawt.so on Linux SPARC + - S8150791: 8u76 L10n resource file translation update + * Import of OpenJDK 8 u101 build 13 + - S6483657: MSCAPI provider does not create unique alias names + - S6675699: need comprehensive fix for unconstrained ConvI2L + with narrowed type + - S8037557: test SessionCacheSizeTests.java timeout + - S8038837: Add support to jarsigner for specifying timestamp + hash algorithm + - S8081778: Use Intel x64 CPU instructions for RSA acceleration + - S8130150: Implement BigInteger.montgomeryMultiply intrinsic + - S8130735: javax.swing.TimerQueue: timer fires late when + another timer starts + - S8143913: MSCAPI keystore should accept Certificate[] in + setEntry() + - S8144313: Test SessionTimeOutTests can be timeout + - S8146240: Three nashorn files contain "GNU General Public + License" header + - S8146387: Test SSLSession/SessionCacheSizeTests socket accept + timed out + - S8146669: Test SessionTimeOutTests fails intermittently + - S8146993: Several javax/management/remote/mandatory regression + tests fail after JDK-8138811 + - S8147994: [macosx] JScrollPane jitters up/down during trackpad + scrolling on MacOS/Aqua + - S8151522: Disable 8130150 and 8081778 intrinsics by default + - S8151876: (tz) Support tzdata2016d + - S8152098: Fix 8151522 caused test + compiler/intrinsics/squaretolen/TestSquareToLen.java to fail + - S8157077: 8u101 L10n resource file updates + * Backports + - S6260348, PR3066: GTK+ L&F JTextComponent not respecting + desktop caret blink rate + - S6778087, PR1061: getLocationOnScreen() always returns (0, 0) + for mouse wheel events + - S6961123, PR2972: setWMClass fails to null-terminate WM_CLASS + string + - S8008657, PR3077: JSpinner setComponentOrientation doesn't + affect on text orientation + - S8014212, PR2866: Robot captures black screen + - S8029339, PR1061: Custom MultiResolution image support on + HiDPI displays + - S8031145, PR3077: Re-examine closed i18n tests to see it they + can be moved to the jdk repository. + - S8034856, PR3095: gcc warnings compiling + src/solaris/native/sun/security/pkcs11 + - S8034857, PR3095: gcc warnings compiling + src/solaris/native/sun/management + - S8035054, PR3095: JarFacade.c should not include ctype.h + - S8035287, PR3095: gcc warnings compiling various libraries + files + - S8038631, PR3077: Create wrapper for awt.Robot with additional + functionality + - S8039279, PR3077: Move awt tests to openjdk repository + - S8041561, PR3077: Inconsistent opacity behaviour between + JCheckBox and JRadioButton + - S8041592, PR3077: [TEST_BUG] Move 42 AWT hw/lw mixing tests + to jdk + - S8041915, PR3077: Move 8 awt tests to OpenJDK regression + tests tree + - S8043126, PR3077: move awt automated functional tests from + AWT_Events/Lw and AWT_Events/AWT to OpenJDK repository + - S8043131, PR3077: Move ShapedAndTranslucentWindows and GC + functional AWT tests to regression tree + - S8044157, PR3077: [TEST_BUG] Improve recently submitted + AWT_Mixing tests + - S8044172, PR3077: [TEST_BUG] Move regtests for 4523758 and + AltPlusNumberKeyCombinationsTest to jdk + - S8044429, PR3077: move awt automated tests for AWT_Modality + to OpenJDK repository + - S8044762, PR2960: com/sun/jdi/OptionTest.java test time out + - S8044765, PR3077: Move functional tests + AWT_SystemTray/Automated to openjdk repository + - S8047180, PR3077: Move functional tests AWT_Headless/Automated + to OpenJDK repository + - S8047367, PR3077: move awt automated tests from AWT_Modality + to OpenJDK repository - part 2 + - S8048246, PR3077: Move AWT_DnD/Clipboard/Automated functional + tests to OpenJDK + - S8049226, PR2960: com/sun/jdi/OptionTest.java test times out + again + - S8049617, PR3077: move awt automated tests from AWT_Modality + to OpenJDK repository - part 3 + - S8049694, PR3077: Migrate functional + AWT_DesktopProperties/Automated tests to OpenJDK + - S8050885, PR3077: move awt automated tests from AWT_Modality + to OpenJDK repository - part 4 + - S8051440, PR3077: move tests about maximizing undecorated to + OpenJDK + - S8052012, PR3077: move awt automated tests from AWT_Modality + to OpenJDK repository - part 5 + - S8052408, PR3077: Move AWT_BAT functional tests to OpenJDK (3 + of 3) + - S8053657, PR3077: [TEST_BUG] move some 5 tests related to + undecorated Frame/JFrame to JDK + - S8054143, PR3077: move awt automated tests from AWT_Modality + to OpenJDK repository - part 6 + - S8054358, PR3077: move awt automated tests from AWT_Modality + to OpenJDK repository - part 7 + - S8054359, PR3077: move awt automated tests from AWT_Modality + to OpenJDK repository - part 8 + - S8055360, PR3077: Move the rest part of AWT + ShapedAndTranslucent tests to OpenJDK + - S8055664, PR3077: move 14 tests about setLocationRelativeTo + to jdk + - S8055836, PR3077: move awt tests from AWT_Modality to OpenJDK + repository - part 9 + - S8056911, PR3077: Remove internal API usage from ExtendedRobot + class + - S8057694, PR3077: move awt tests from AWT_Modality to OpenJDK + repository - part 10 + - S8058959, PR1061: closed/java/awt/event/ComponentEvent/MovedResizedTwiceTest/MovedResizedTwiceTest.java + failed automatically + - S8062606, PR3077: Fix a typo in java.awt.Robot class + - S8063102, PR3077: Change open awt regression tests to avoid + sun.awt.SunToolkit.realSync, part 1 + - S8063104, PR3077: Change open awt regression tests to avoid + sun.awt.SunToolkit.realSync, part 2 + - S8063106, PR3077: Change open swing regression tests to avoid + sun.awt.SunToolkit.realSync, part 1 + - S8063107, PR3077: Change open swing regression tests to avoid + sun.awt.SunToolkit.realSync, part 2 + - S8064573, PR3077: [TEST_BUG] javax/swing/text/AbstractDocument/6968363/Test6968363.java + is asocial pressing VK_LEFT and not releasing + - S8064575, PR3077: [TEST_BUG] javax/swing/JEditorPane/6917744/bug6917744.java + 100 times press keys and never releases + - S8064809, PR3077: [TEST_BUG] javax/swing/JComboBox/4199622/bug4199622.java + contains a lot of keyPress and not a single keyRelease + - S8067441, PR3077: Some tests fails with error: cannot find symbol + getSystemMnemonicKeyCodes() + - S8068228, PR3077: Test closed/java/awt/Mouse/MaximizedFrameTest/MaximizedFrameTest + fails with GTKLookAndFeel + - S8069361, PR1061: SunGraphics2D.getDefaultTransform() does not + include scale factor + - S8073320, PR1061: Windows HiDPI Graphics support + - S8074807, PR3077: Fix some tests unnecessary using internal API + - S8076315, PR3077: move 4 manual functional swing tests to + regression suite + - S8078504, PR3094: Zero lacks declaration of + VM_Version::initialize() + - S8129822, PR3077: Define "headful" jtreg keyword + - S8132123, PR1061: MultiResolutionCachedImage unnecessarily + creates base image to get its size + - S8133539, PR1061: [TEST_BUG] Split + java/awt/image/MultiResolutionImageTest.java in two to allow + restricted access + - S8137571, PR1061: Linux HiDPI Graphics support + - S8142406, PR1061: [TEST] MultiResolution image: need test to + cover the case when @2x image is corrupted + - S8145188, PR2945: No LocalVariableTable generated for the + entire JDK + - S8150258, PR1061: [TEST] HiDPI: create a test for + multiresolution menu items icons + - S8150724, PR1061: [TEST] HiDPI: create a test for + multiresolution icons + - S8150844, PR1061: [hidpi] [macosx] -Dsun.java2d.uiScale should + be taken into account for OS X + - S8151841, PR2882: Build needs additional flags to compile with + GCC 6 [plus parts of 8149647 & 8032045] + - S8155613, PR1061: [PIT] crash in + AWT_Desktop/Automated/Exceptions/BasicTest + - S8156020, PR1061: 8145547 breaks AIX and and uses RTLD_NOLOAD + incorrectly + - S8156128, PR1061: Tests for [AWT/Swing] Conditional support + for GTK 3 on Linux + - S8158260, PR2991, RH1341258: PPC64: unaligned Unsafe.getInt can + lead to the generation of illegal instructions (bsc#988651) + - S8159244, PR3074: Partially initialized string object created + by C2's string concat optimization may escape + - S8159690, PR3077: [TESTBUG] Mark headful tests with @key + headful. + - S8160294, PR2882, PR3095: Some client libraries cannot be + built with GCC 6 + * Bug fixes + - PR1958: GTKLookAndFeel does not honor + gtk-alternative-button-order + - PR2822: Feed LIBS & CFLAGS into configure rather than make to + avoid re-discovery by OpenJDK configure + - PR2932: Support ccache in a non-automagic manner + - PR2933: Support ccache 3.2 and later + - PR2964: Set system defaults based on OS + - PR2974, RH1337583: PKCS#10 certificate requests now use CRLF + line endings rather than system line endings + - PR3078: Remove duplicated line dating back to 6788347 and + 6894807 + - PR3083, RH1346460: Regression in SSL debug output without an + ECC provider + - PR3089: Remove old memory limits patch + - PR3090, RH1204159: SystemTap is heavily confused by multiple + JDKs + - PR3095: Fix warnings in URLClassPath.c + - PR3096: Remove dead --disable-optimizations option + - PR3105: Use version from hotspot.map to create tarball filename + - PR3106: Handle both correctly-spelt property + "enableCustomValueHandler" introduced by S8079718 and typo + version + - PR3108: Shenandoah patches not included in release tarball + - PR3110: Update hotspot.map documentation in INSTALL + * AArch64 port + - S8145320, PR3078: Create unsafe_arraycopy and + generic_arraycopy for AArch64 + - S8148328, PR3078: aarch64: redundant lsr instructions in stub + code. + - S8148783, PR3078: aarch64: SEGV running SpecJBB2013 + - S8148948, PR3078: aarch64: generate_copy_longs calls align() + incorrectly + - S8149080, PR3078: AArch64: Recognise disjoint array copy in + stub code + - S8149365, PR3078: aarch64: memory copy does not prefetch on + backwards copy + - S8149907, PR3078: aarch64: use load/store pair instructions + in call_stub + - S8150038, PR3078: aarch64: make use of CBZ and CBNZ when + comparing narrow pointer with zero + - S8150045, PR3078: arraycopy causes segfaults in SATB during + garbage collection + - S8150082, PR3078: aarch64: optimise small array copy + - S8150229, PR3078: aarch64: pipeline class for several + instructions is not set correctly + - S8150313, PR3078: aarch64: optimise array copy using SIMD + instructions + - S8150394, PR3078: aarch64: add support for 8.1 LSE CAS + instructions + - S8151340, PR3078: aarch64: prefetch the destination word for + write prior to ldxr/stxr loops. + - S8151502, PR3078: optimize pd_disjoint_words and + pd_conjoint_words + - S8151775, PR3078: aarch64: add support for 8.1 LSE atomic + operations + - S8152537, PR3078: aarch64: Make use of CBZ and CBNZ when + comparing unsigned values with zero. + - S8152840, PR3078: aarch64: improve _unsafe_arraycopy stub + routine + - S8153713, PR3078: aarch64: improve short array clearing using + store pair + - S8153797, PR3078: aarch64: Add Arrays.fill stub code + - S8154537, PR3078: AArch64: some integer rotate instructions + are never emitted + - S8154739, PR3078: AArch64: TemplateTable::fast_xaccess loads + in wrong mode + - S8155015, PR3078: Aarch64: bad assert in spill generation + code + - S8155100, PR3078: AArch64: Relax alignment requirement for + byte_map_base + - S8155612, PR3078: Aarch64: vector nodes need to support + misaligned offset + - S8155617, PR3078: aarch64: ClearArray does not use DC ZVA + - S8155653, PR3078: TestVectorUnalignedOffset.java not pushed + with 8155612 + - S8156731, PR3078: aarch64: java/util/Arrays/Correct.java fails + due to _generic_arraycopy stub routine + - S8157841, PR3078: aarch64: prefetch ignores cache line size + - S8157906, PR3078: aarch64: some more integer rotate + instructions are never emitted + - S8158913, PR3078: aarch64: SEGV running Spark terasort + - S8159052, PR3078: aarch64: optimise unaligned copies in + pd_disjoint_words and pd_conjoint_words + - S8159063, PR3078: aarch64: optimise unaligned array copy long + - PR3078: Cleanup remaining differences from aarch64/jdk8u tree +- Removed patches: + * compare-pointer-with-literal.patch + * implicit-pointer-decl.patch + * hotspot-aarch64-fix-48bit-va.patch + - Fixed differently upsteam +- Modified patch: + * java-1_8_0-openjdk-gcc6.patch + - Rediff to new context +- Remove hacks to make build on ix86, since it seems they are not + needed anymore +- Remove special flags for gcc6, since they are handled upstream + +------------------------------------------------------------------- +Thu Jul 7 14:41:06 UTC 2016 - fstrba@suse.com + +- Fix script linking /usr/share/javazi/tzdb.dat for platform where + it applies (bsc#987895) +- Enable SunEC for SLE12 and Leap + +------------------------------------------------------------------- +Tue Jun 14 11:46:16 UTC 2016 - agraf@suse.com + +- Fix aarch64 running with 48 bits va space (bsc#984684) + * hotspot-aarch64-fix-48bit-va.patch + +------------------------------------------------------------------- +Fri Jun 3 09:01:23 UTC 2016 - fstrba@suse.com + +- Added patch: + * disable-doclint-by-default-patch + - Disable Doclint while building javadoc by default. OpenJDK 8 + adds and enables doclint by default. This catches issues in + javadoc comments. It is too strict, breaks javadoc compilation + and, in general, breaks the build for old code known to build + with previous versions of OpenJDK. +- Cycle make on i586 in order to prevent some random build errors + that are not easily reproduceable and thus fixable. + +------------------------------------------------------------------- +Tue May 31 06:47:43 UTC 2016 - fstrba@suse.com + +- Added patch: + * java-1_8_0-openjdk-gcc6.patch + + Fix build with gcc 6.1 +- Add -fno-delete-null-pointer-checks -fno-lifetime-dse to try to + avoid some crashes + +------------------------------------------------------------------- +Thu Apr 28 08:19:17 UTC 2016 - fstrba@suse.com + +- Upgrade to version jdk8u91 (icedtea 3.0.1, bsc#976340) +- Icedtea changes from 2.6.5 + * Security fixes + - S8129952, CVE-2016-0686: Ensure thread consistency + - S8132051, CVE-2016-0687: Better byte behavior + - S8138593, CVE-2016-0695: Make DSA more fair + - S8139008: Better state table management + - S8143167, CVE-2016-3425: Better buffering of XML strings + - S8143945, CVE-2016-3426: Better GCM validation + - S8144430, CVE-2016-3427: Improve JMX connections + - S8146494: Better ligature substitution + - S8146498: Better device table adjustments + * Import of OpenJDK 8 u91 build 14 + - S8002116: This JdbReadTwiceTest.sh gets an exit 1 + - S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when + invoked with NMT explicitly turned on + - S8036132: Tab characters in test/com/sun/jdi files + - S8038963: com/sun/jdi tests fail because cygwin's ps sometimes + misses processes + - S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when + run under root + - S8059661: Test SoftReference and OOM behavior + - S8067422: Lambda method names are unnecessarily unstable + - S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java + got OOME + - S8074146: [TEST_BUG] jdb has succeded to read an unreadable + file + - S8130212: Thread::current() might access freed memory on + Solaris + - S8132890: Text Overlapping on Dot Matrix Printers + - S8134297: NPE in GSSNameElement nameType check + - S8134650: Xsl transformation gives different results in 8u66 + - S8134828: Scrollbar thumb disappears with Nimbus L&F + - S8138589: Correct limits on unlimited cryptography + - S8138811: Construction of static protection domains + - S8140268: Generate link to specification license for JavaDoc + API documentation + - S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp + of cmserr.c + - S8143002: [Parfait] JNI exception pending in fontpath.c:1300 + - S8143959: Certificates requiring blacklisting + - S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again + - S8146518: Zero interpreter broken with better byte behaviour + - S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java + should use 4-args ProtectionDomain constructor + - S8147567: InterpreterRuntime::post_field_access not updated + for boolean in JDK-8132051 + - S8148446: (tz) Support tzdata2016a + - S8148475: Missing SA Bytecode updates. + - S8148487: PPC64: Better byte behavior + - S8148522: Backout JDK-8138811 from 2016 Apr CPU repo + - S8149170: Better byte behavior for native arguments + - S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with + IOE: Invalid encoding for PolicyQualifierInfo + - S8150012: Better byte behavior for reflection + - S8150790: 8u75 L10n resource file translation update + * Backports + - S8148752, PR2943: Compiled StringBuilder code throws + StringIndexOutOfBoundsException + - S8154210: Zero: Better byte behaviour + - S8154413: AArch64: Better byte behaviour + - S4890063, PR2304, RH1214835: HPROF: default text truncated + when using doe=n option + - S6425769, PR2859: Allow specifying an address to bind JMX + remote connector + - S8000650, PR2462: unpack200.exe should check gzip crc + - S8031668, PR2842: TOOLCHAIN_FIND_COMPILER unexpectedly + resolves symbolic links + - S8035341: Allow using a system installed libpng + - S8038392: Generating prelink cache breaks JAVA 'jinfo' utility + normal behavior + - S8042159: Allow using a system-installed lcms2 + - S8042806: Splashscreen uses libjpeg-internal macros + - S8043805: Allow using a system-installed libjpeg + - S8044235: src.zip should include all sources + - S8074839, PR2462: Resolve disabled warnings for libunpack and + the unpack200 binary + - S8074859, PR1937: Turn on warnings as error + - S8087218, PR2740: Constant fold loads from final instance + fields in VM anonymous classes + - S8139932, PR2739: Typo in makefile changes for 8043805 [Allow + using a system-installed libjpeg] + - S8140483, PR2740: Atomic*FieldUpdaters final fields should be + trusted + - S8140620, PR2769: Find and load default.sf2 as the default + soundbank on Linux + - S8145096, PR2854: Undefined behaviour in HotSpot + - S8145982, PR2859: JMXInterfaceBindingTest is failing + intermittently + - S8146015, PR2859: JMXInterfaceBindingTest is failing + intermittently for IPv6 addresses + - S8148351, PR2842: Only display resolved symlink for compiler, + do not change path + - S8150954, PR2866, RH1176206: AWT Robot not compatible with + GNOME Shell + * Bug fixes + - PR2933: Support ccache 3.2 and later + - PR2934: SunEC provider throwing KeyException with current NSS + - S8041658: Use of -fdevirtualize on macroAssembler_x86.o + (via -O2) with gcc 4.9.0 creates broken VM + - PR94: empty install target in Makefile.am + - PR729: GTKLookAndFeel should be the system look&feel on all + GNU/Linux desktops + - PR1275: Provide option to turn off downloading of tarballs + - PR1281, RH513605: Updating/Installing OpenJDK should recreate + the shared class-data archive + - PR1289: Allow JARs to be optionally compressed by setting + COMPRESS_JARS + - PR1291: Ensure unlimited crypto policy is in place. + - PR1325: Only add classes to rt-source-files.txt if actually + needed + - PR1341: Remove Rhino support + - PR1346: Filter out -j option to make + - PR1347: Update list of checked JDKs + - PR1348: java -version output is broken + - PR1357: Make XRender mandatory + - PR1359: Check for /usr/lib64 JVMs and generic JPackage + alternative + - PR1364: Replace hgforest support + - PR1367: Support using the system installation of LCMS + - PR1368: Ensure debug data is available for all libraries and + binaries without redundant files + - PR1369: Remove outdated bootstrap configure tests or make them + fail on error + - PR1377: Forwardport javac detection / usability test from + IcedTea 2.x + - PR1379: Add build support for Zero AArch64 + - PR1413: Undefined reference to libz during link of unpack200 + - PR1741: Break PulseAudio provider out into IcedTea-Sound + - PR1766: Expand architecture support + - PR1774: Support GIF lib v5 + - PR1774: Correct #ifdef to #if + - PR1796: make fails with "computed checksum did NOT match" + - PR1806: Support Debian/Ubuntu 7 & 8 OpenJDK Installs as Boot + JDK + - PR1812: Unable to locate HotSpot checksum when downloading + - PR1813: HotSpot URL should be used with --enable-hg + - PR1815: Split download/extraction rules for OpenJDK so they + can run in parallel + - PR1829: Support AM_MAINTAINER_MODE + - PR1834, RH1022017: Report elliptic curves supported by NSS, + not the SunEC library + - PR1845: jstack.stp in OpenJDK8 is broken + - PR1869: Avoid x86 workaround when running Zero rather than a + JIT + - PR1889: Allow tarball checksumming to be disabled + - PR1935: HotSpot extraction needs to depend on the tarball + being downloaded + - PR1937: Add configure option for -Werror + - PR1938: Zero broken by enforced use of -Werror + - PR1942: Bug reports lack IcedTea version & distribution + packaging information + - PR1950: Add build support for Zero SH + - PR1965, G498288: Allow builds on PaX kernels + - PR1968: Move to new OpenJDK bug URL format + - PR1975: SystemTap probes for the garbage collector. + - PR1977: Support using the system installation of Zlib + - PR1979: Support using the system installation of libjpeg + - PR1980: Support using the system installation of giflib + - PR1981: Support using the system installation of libpng + - PR1983: Support using the system installation of NSS with the + SunEC provider + - PR1994: make dist broken + - PR2001: Synchronise HEAD tarball paths with release branch + paths + - PR2066: Unset OS before running OpenJDK build + - PR2095, RH1163501: 2048-bit DH upper bound too small for + Fedora infrastructure + - PR2126: Synchronise elliptic curves in + sun.security.ec.NamedCurve with those listed by NSS + - PR2127: SunEC provider crashes when built using system NSS + - PR2199: Support giflib 5.1.0 + - PR2212: DGifCloseFile call should check the return value, not + the error code, for failure + - PR2227: giflib 5.1 conditional excludes 6.0, 7.0, etc. + - PR2237, RH1194378: ppc64le should report its os.arch as + ppc64le so tools can detect it + - PR2248: HotSpot tarball fails verification after download + - PR2256: Add SystemTap tests + - PR2257: clean-extract-nashorn rule is never run + - PR2321: Checksum of policy JAR files changes on every build + - PR2329: jamvm parallel unpack failures + - PR2339: Fail early if there is no native HotSpot JIT & all + other options are disabled + - PR2348: Avoid following symlinks for CACAO and JamVM patches + - PR2351: Split CACAO rule into configure and make stages + - PR2352: Split JamVM rule into configure, make and make install + stages + - PR2358: Add aliases for all stamp targets + - PR2362: Update HACKING & fsg.sh.in + - PR2363: Remove EC source code prior to build + - PR2369: SunEC provider is partially installed + - PR2377: PaX mark the installed JDK so it runs on hardened + systems + - PR2383: Location of docs directory in install-data-local is + incorrect + - PR2392: Make elliptic curve removal optional + - PR2400, RH1206656: Zero JVM crashes on startup when built with + GCC 5 + - PR2407: Fix automatic enabling of the Zero build on non-JIT + architectures which don't use CACAO or JamVM + - PR2408: Enable Zero when Shark is enabled + - PR2409: Update Zero macro to match one in IcedTea 2.x + - PR2410: Support PPC64 JIT on ppc64le + - PR2411: Fix references to hotspot.map following PR2001 + - PR2413: OpenJDK doesn't auto-select Zero on architectures + where no server JVM is available + - PR2414: CFLAGS, CXXFLAGS and LDFLAGS should be passed to + OpenJDK build + - PR2415: JVM -Xmx requirement is too high on s390 + - PR2428: OpenJDK build can't handle commas in LDFLAGS + - PR2429: OpenJDK build does not copy a symlinked cacerts file + - PR2432: ppc64 JIT doesn't support class data sharing + - PR2433: ppc64le does not support -Xshare:dump + - PR2434: SystemTap support is no longer optional + - PR2439: NSS PKCS11 regression - due to java.security automatic + loading + - PR2443: install stage fails where + BUILD_ARCH_DIR != INSTALL_ARCH_DIR + - PR2447: Allow greater control of Javadoc installation + directory + - PR2448: Install TRADEMARK, COPYING and ChangeLog as RPM spec + file does + - PR2454: install-data-local needs to check that classes.jsa + actually exists + - PR2456: Installation path for hotspot_gc.stp is wrong, due to + changed j2sdk-image location + - PR2459: Policy JAR files should be timestamped with the date + of the policy file they hold + - PR2511: Reset success following calls in LayoutManager.cpp + - PR2541: Allow the user to specify the cacerts file to use + - PR2544: Desktop files do not allow installation from multiple + versions of IcedTea + - PR2547: Extend tarball checksumming option to allow the + checksum to be specified + - PR2631: jvm.cfg missing for ppc64le + - PR2633: s390 builds still fail as BUILD_NUM_BITS is never set + - PR2675: Update ppc64le autotools infrastructure following + PR2237 + - PR2691, G564746: ./configure is unable to compile using distcc + for icedtea-3.0.0_pre06 + - PR2737: Allow multiple PKCS11 library initialisation to be a + non-critical error. + - PR2738: java.lang.UnsatisfiedLinkError: no javalcms in + java.library.path + - PR2743: Remove bad AArch64 merge fragment + - PR2759: LCMS library should be named javalcms, not lcms, to + avoid potential conflicts with the system library + - PR2766: Remove all references to GCJ + - PR2767: Remove remaining rogue binaries from OpenJDK tree + - PR2768: Move SystemTap GCC 4.5 patch to OpenJDK tree or + discard if no longer needed + - PR2777: Fix MAX/MIN template usage on s390 + - PR2804: test/tapset/jstaptest.pl should be executable + - PR2815: Race condition in SunEC provider with system NSS + - PR2825: Placement of -lfreebl matters when using bfd linker + - PR2826: Provide option to disable SystemTap tests + - PR2841: Parallelism issues resulting from PR2459 + - PR2863: IcedTea doesn't pass through build and host triplets + to OpenJDK's configure + - PR2865: Handle uninstallation. + - PR2869: Revert CRC fix (S8000650) backported as part of PR2462 + - PR2873: Fix make distcheck. + - PR2880: Add missing test directory in make check. + - PR2885: Location of 'stap' executable is hard-coded + - PR2888: OpenJDK should check for system cacerts database (e.g. + /etc/pki/java/cacerts) + - PR2899: Don't use WithSeed versions of NSS functions as they + don't fully process the seed + - PR2906: Support prefixed variants of GNU tools used on *BSD + systems + - PR2907: Replace --with-abs-install-dir with usual --prefix + - PR2917: Don't pass --with-cacerts-file to build if + USE_ALT_CACERTS_FILE is not set + - PR2918: Makefile handles cacerts as a symlink, but the + configure check doesn't + - PR2920: PaX marking fails on filesystems which don't support + extended attributes + - PR2921: Uninstallation of docs deletes too much + - Don't substitute 'j' for '-j' inside -I directives + - Extend 8041658 to all files in the HotSpot build. + - Remove jcheck + * AArch64 port + - PR1970: Imported from aarch64 jdk8 repository. + - PR2853: Fix build for aarch64/zero + - PR2853: Remaining miscellaneous synchronisation changes from + aarch64/jdk8u + - PR2853: Remove AArch64-specific code in generateOptoStub.cpp. + - PR2853: Remove some AArch64-specific code in share/. + - PR2853: Remove some unnecessary divergences from jdk8u. + - PR2853: Revert AArch64 jvm.cfg divergence + - PR2853: Revert changes to libpng source code now 8078245 is in + place. + - PR2922: Import latest AArch64 changes from aarch64-port/jdk8u + (aarch64-jdk8u77-b03) + - S8150652, PR2922: Remove unused code in AArch64 back end + * JamVM + - JSR 292: Invoke Dynamic + - JSR 308: Type Annotations + - JSR 335: Lambda Expressions + - JSR 901: VM support for method parameter reflection + - JEP 171: Implement fence methods in sun.misc.Unsafe + - sun.misc.Unsafe: additional methods get/putAddress. + - FreeClassData: adjust method count for Miranda methods + - Fix invokesuper check in invokespecial opcode + - Fix non-direct interpreter invokespecial super-class check + - When GC'ing a native method don't try to free code + - Do not free unprepared Miranda method code data + - Set anonymous class protection domain + - JVM_IsVMGeneratedMethodIx stub + - Dummy implementation of sun.misc.Perf natives + - JVM_NewMultiArray: element class may be an array + - jtreg test java/lang/reflect/Array/ExceedMaxDim + - OpenJDK: Fix Local/Anonymous class checks + - classlibMarkThreadTerminated should return Object* + - Fix race-condition in constant-pool resolution code + - JSR 292: MethodHandle constant-pool refs may be resolved + - JSR 292: bootstrap method args error handling + - JSR 308: update to match OpenJDK changes + - JSR 292: correct intrinsic cache COMPARE function + - Race condition in setting up imethod table + - GC: Minor performance improvement + - PR2034: --enable-jamvm builds broken, missing + JVM_GetTemporaryDirectory impl + - PR2336: JamVM lacks JVM_FindClassFromCaller + - PR2523: Add executable stack markings to callNative.S on JamVM + - PR2775: JamVM lacks JVM_GetResourceLookupCacheURLs introduced + by jdk8u40 + * CACAO + - PR1277: Synchronise CACAO rules between IcedTea6/7/8 where + possible + - PR1279: Synchronise CACAO versions between IcedTea6/7/8 where + possible + - PR2035: --enable-cacao builds broken, missing + JVM_GetTemporaryDirectory impl. + - PR2330, CA172, G453612: Add ARM hardfloat support to CACAO on + Gentoo + - PR2331: IcedTea8 fails to build with IcedTea7 CACAO due to low + max heap size + - PR2335: CACAO lacks JVM_FindClassFromCaller + - PR2347: Fix CACAO patches to apply again + - PR2349: 'struct jvm_version_info' has no member named + 'is_kernel_jvm' + - PR2350: Update to latest CACAO + - PR2354: stamps/cacao.stamp tries to touch a file in a + directory which doesn't exist + - PR2355: CACAO build fails to use JRE layout + - PR2776: CACAO lacks JVM_GetResourceLookupCacheURLs introduced + by jdk8u40 + - PR2832, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: + Assertion `dest && result && x.any && y.any' failed + - PR2908: Add missing functions for CACAO OpenJDK JVM + implementation + - PR2909: Install CACAO in same way as JamVM + - PR2910: Add rudimentary support for OpenJDK 8 class files to + CACAO + - PR2916: Update CACAO drop to use the latest from cacao-staging +- Removed patches: + * PStack-808293.patch + * aarch64-misc.patch + * disable-doclint-by-default.patch + * include-all-srcs.patch + * link-with-as-needed.patch + * memory-limits.patch + * multiple-pkcs11-library-init.patch + * ppc64le-8036767.patch + * s390-java-opts.patch + * s390-size_t.patch + * system-lcms.patch + * system-libjpeg.patch + * system-libpng.patch + * zero-dummy.patch + - Fixed upstream +- Added patches: + * icedtea-3.0.1-sunec.patch + - Adapt the nss detection to SUSE packaging of mozilla-nss + * java-1_8_0-openjdk-suse-desktop-files.patch + - Adapt the desktop files for SUSE needs +- Modified patches: + * 1015432.patch + * adlc-parser.patch + * compare-pointer-with-literal.patch + * implicit-pointer-decl.patch + * java-atk-wrapper-security.patch + * ppc-zero-hotspot.patch + * zero-javadoc-verbose.patch + - Adapt to new directory structure + +------------------------------------------------------------------- +Wed Mar 30 06:17:02 UTC 2016 - fstrba@suse.com + +- Update to upstream tag jdk8u77-b03 (bsc#972468) + * CVE-2016-0636: Improve MethodHandle consistency + +------------------------------------------------------------------- +Fri Feb 26 12:29:06 UTC 2016 - fstrba@suse.com + +- Added patch: + * ppc64le-8036767.patch + + Change archinstall for ppc64le from ppc64 to ppc64le + directory. + +------------------------------------------------------------------- +Mon Jan 25 07:54:33 UTC 2016 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u72-b15 + * Oracle Critical Patch Update of January 2016 (bsc#962743) + * Using aarch64 hotspot tag aarch64-jdk8u72-b15 +- Security issues fixed: + * CVE-2015-7575: Mozilla Network Security Services (NSS) before + 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox + ESR 38.x before 38.5.2, does not reject MD5 signatures in Server + Key Exchange messages in TLS 1.2 Handshake Protocol traffic, + which makes it easier for man-in-the-middle attackers to spoof + servers by triggering a collision. + * CVE-2015-8126: Multiple buffer overflows in the (1) png_set_PLTE + and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x + and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x + before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to + cause a denial of service (application crash) or possibly have + unspecified other impact via a small bit-depth value in an IHDR + (aka image header) chunk in a PNG image. + * CVE-2016-0402: Unspecified vulnerability in the Java SE and + Java SE Embedded components in Oracle Java SE 6u105, 7u91, and + 8u66 and Java SE Embedded 8u65 allows remote attackers to affect + integrity via unknown vectors related to Networking. + * CVE-2016-0448: Unspecified vulnerability in the Java SE and + Java SE Embedded components in Oracle Java SE 6u105, 7u91, and + 8u66, and Java SE Embedded 8u65 allows remote authenticated + users to affect confidentiality via vectors related to JMX. + * CVE-2016-0466: Unspecified vulnerability in the Java SE, Java SE + Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, + and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows + remote attackers to affect availability via vectors related to + JAXP. + * CVE-2016-0475: Unspecified vulnerability in the Java SE, Java SE + Embedded, and JRockit components in Oracle Java SE 8u66; Java SE + Embedded 8u65; and JRockit R28.3.8 allows remote attackers to + affect confidentiality and integrity via unknown vectors related + to Libraries. + * CVE-2016-0483: Unspecified vulnerability in the Java SE, Java SE + Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, + and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows + remote attackers to affect confidentiality, integrity, and + availability via vectors related to AWT. + * CVE-2016-0494: Unspecified vulnerability in the Java SE and Java + SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 + and Java SE Embedded 8u65 allows remote attackers to affect + confidentiality, integrity, and availability via unknown vectors + related to 2D. +- Modified patch: + * s390-java-opts.patch + + rediff to the changed context + +------------------------------------------------------------------- +Thu Oct 22 12:19:38 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u65-b17 + * Security fix release of October 21, 2015 (bsc#951376) +- Security issues fixed: + * CVE-2015-4734: A remote user can exploit a flaw in the Embedded + JGSS component to partially access data + * CVE-2015-4803: A remote user can exploit a flaw in the JRockit + JAXP component to cause partial denial of service conditions + * CVE-2015-4805: A remote user can exploit a flaw in the Embedded + Serialization component to gain elevated privileges + * CVE-2015-4806: A remote user can exploit a flaw in the Java SE + Embedded Libraries component to partially access and partially + modify data + * CVE-2015-4835: A remote user can exploit a flaw in the Embedded + CORBA component to gain elevated privileges + * CVE-2015-4842: A remote user can exploit a flaw in the Embedded + JAXP component to partially access data + * CVE-2015-4843: A remote user can exploit a flaw in the Java SE + Embedded Libraries component to gain elevated privileges + * CVE-2015-4844: A remote user can exploit a flaw in the Embedded + 2D component to gain elevated privileges + * CVE-2015-4860: A remote user can exploit a flaw in the Embedded + RMI component to gain elevated privileges + * CVE-2015-4872: A remote user can exploit a flaw in the JRockit + Security component to partially modify data []. + * CVE-2015-4881: A remote user can exploit a flaw in the Embedded + CORBA component to gain elevated privileges + * CVE-2015-4882: A remote user can exploit a flaw in the Embedded + CORBA component to cause partial denial of service conditions + * CVE-2015-4883: A remote user can exploit a flaw in the Embedded + RMI component to gain elevated privileges + * CVE-2015-4893: A remote user can exploit a flaw in the JRockit + JAXP component to cause partial denial of service conditions + * CVE-2015-4902: A remote user can exploit a flaw in the Java SE + Deployment component to partially modify data + * CVE-2015-4903: A remote user can exploit a flaw in the Embedded + RMI component to partially access data + * CVE-2015-4911: A remote user can exploit a flaw in the JRockit + JAXP component to cause partial denial of service conditions + * CVE-2015-4810: A local user can exploit a flaw in the Java SE + Deployment component to gain elevated privileges + * CVE-2015-4840: A remote user can exploit a flaw in the Embedded + 2D component to partially access data + * CVE-2015-4868: A remote user can exploit a flaw in the Java SE + Embedded Libraries component to gain elevated privileges + * CVE-2015-4901: A remote user can exploit a flaw in the JavaFX + component to gain elevated privileges + * CVE-2015-4906: A remote user can exploit a flaw in the JavaFX + component to partially access data + * CVE-2015-4908: A remote user can exploit a flaw in the JavaFX + component to partially access data + * CVE-2015-4916: A remote user can exploit a flaw in the JavaFX + component to partially access data +- Modified patch: + * s390-size_t.patch + - Account for an additional uintptr_t <-> size_t mismatch + +------------------------------------------------------------------- +Wed Aug 19 08:12:09 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u60-b27 + * Release of JDK 8u60 +- Removed patches: + * hotspot-support-kernel-4.patch + * cplusplus-interpreter.patch + * signed-overflow.patch + - Integrated upstream + * system-giflib5.patch + - Fixed differently upstream + * applet-hole.patch + - Not needed any more with recent versions of icedtea-web +- Modified patches + * aarch64-misc.patch + - Rediff to correspond to the new context + - Added bits from aarch64-port/jdk8/jdk + +------------------------------------------------------------------- +Tue Aug 18 13:04:22 UTC 2015 - fstrba@suse.com + +- Add constraints file + +------------------------------------------------------------------- +Wed Jul 22 08:21:13 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u51-b16 + * Security fix release of July 15, 2015 (bsc#938248, bsc#937828) +- Security issues fixed: + * CVE-2015-2590: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: Libraries). + * CVE-2015-2597: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Install). + * CVE-2015-2601: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JCE). + * CVE-2015-2613: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: JCE). + * CVE-2015-2619: Vulnerability in the Java SE, JavaFX, Java SE + Embedded component of Oracle Java SE (subcomponent: 2D). + * CVE-2015-2621: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: JMX). + * CVE-2015-2625: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JSSE). + * CVE-2015-2627: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Install). + * CVE-2015-2628: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: CORBA). + * CVE-2015-2632; Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: 2D). + * CVE-2015-2637: Vulnerability in the Java SE, JavaFX, Java SE + Embedded component of Oracle Java SE (subcomponent: 2D). + * CVE-2015-2638: Vulnerability in the Java SE, JavaFX, Java SE + Embedded component of Oracle Java SE (subcomponent: 2D). + * CVE-2015-2659: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: Security). + * CVE-2015-2664: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Deployment). + * CVE-2015-2808: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JSSE). + * CVE-2015-4000: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JSSE). + * CVE-2015-4729: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Deployment). + * CVE-2015-4731: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: JMX). + * CVE-2015-4732: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: Libraries). + * CVE-2015-4733: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: RMI). + * CVE-2015-4736: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Deployment). + * CVE-2015-4748: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: Security). + * CVE-2015-4749: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JNDI). + * CVE-2015-4760: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: 2D). + +------------------------------------------------------------------- +Thu Jun 18 13:38:54 UTC 2015 - tchvatal@suse.com + +- Use priority matching to ibm-java, always 5 bigger than it + +------------------------------------------------------------------- +Wed Jun 10 08:10:23 UTC 2015 - fstrba@suse.com + +- Added patch: + * zero-dummy.patch + - Fix crash of ZERO VM built with gcc5 + +------------------------------------------------------------------- +Fri Jun 5 12:58:27 UTC 2015 - fstrba@suse.com + +- Added patch: + * signed-overflow.patch + - fix OOM due to signed overflow shown by gcc5 build + +------------------------------------------------------------------- +Tue May 26 08:36:52 UTC 2015 - fstrba@suse.com + +- Use the tzdb.dat from tzdata-java8 package on distributions + that have it. + +------------------------------------------------------------------- +Tue May 5 15:15:09 UTC 2015 - fstrba@suse.com + +- Added patch: + * hotspot-support-kernel-4.patch + * fix build on systems having kernel 4.0 + +------------------------------------------------------------------- +Thu Apr 16 15:47:54 UTC 2015 - fstrba@suse.com + +- Update the aarch64 tarball to the recent tip + * The revision has merged changes up to jdk8u45-b14 +- Apply cplusplus-interpreter.patch to the default hotspot tarball + only (aarch64 tarball has the patch integrated) + +------------------------------------------------------------------- +Wed Apr 15 08:27:37 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u45-b14 + * Security fix release of April 14, 2015 + +------------------------------------------------------------------- +Wed Apr 8 07:37:27 UTC 2015 - fstrba@suse.com + +- Build the accelerated aarch64 hotspot anew + +------------------------------------------------------------------- +Thu Mar 5 16:40:27 UTC 2015 - fstrba@suse.com + +- Update the aarch64 tarball to a recent tip of the jdk8 repository + +------------------------------------------------------------------- +Wed Mar 4 06:44:04 UTC 2015 - fstrba@suse.com + +- jdk8u40-b25 became officially jdk8u40 release + * Modify the package version + +------------------------------------------------------------------- +Tue Feb 17 12:58:49 UTC 2015 - fstrba@suse.com + +- Modified patch + * system-libjpeg.patch + - correct the case mismatch that prevented JPEG decoder from + working correctly (bnc#905950) + +------------------------------------------------------------------- +Mon Feb 16 08:01:42 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b25 + +------------------------------------------------------------------- +Thu Feb 5 09:55:30 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b24 +- Upgrade the aarch64 hotspot to new tip + * sync-ed with jdk8u40-b23 +- Removed patch + * aarch64-b12tob22.patch + - Not needed since the aarch64 tarball is on a recent enough + tag +- Modified patch + * s390-size_t.patch + - Adapt to hotspot changes + +------------------------------------------------------------------- +Tue Jan 27 07:52:58 UTC 2015 - fstrba@suse.com + +- Removed patch + * aarch64-b12tob21.patch + - replaced by one that forward-ports to b22 +- Added patch + * aarch64-b12tob22.patch + - forward-port the aarch64 hotspot to b22. + +------------------------------------------------------------------- +Sun Jan 25 18:06:11 UTC 2015 - fstrba@suse.com + +- Modify patch: system-giflib5.patch + * Fix build with giflib 5.1.x + +------------------------------------------------------------------- +Thu Jan 22 09:42:50 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b22 + * Security update from 2015-01-20 + +------------------------------------------------------------------- +Wed Jan 21 08:22:26 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b21 +- Removed patch: + * aarch64-b12tob20.patch + - replaced by new version +- Added patch: + * aarch64-b12tob21.patch + - port the relevant changes between builds b12 and b21 to the + aarch64 tarball that is on the upstream tag of jdk8u40-b12 + +------------------------------------------------------------------- +Mon Jan 12 07:58:48 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b20 + * Switch to the jdk8u40 stabilisation branch that will result in + the jdk8u40 release +- Removed patch: + * hotspot-build-j-directive.patch + - integrated in the jdk8u40-b20 version of hotspot +- Added patches: + * aarch64-b12tob20.patch + - port the relevant changes between builds b12 and b20 to the + aarch64 tarball that is on the upstream tag of jdk8u40-b12 + * cplusplus-interpreter.patch + - fix a build of C++ interpreter that is used with Zero virtual + machine. + +------------------------------------------------------------------- +Sun Jan 4 22:00:21 UTC 2015 - schwab@suse.de + +- zero-javadoc-verbose.patch: Avoid triggering inactivity timeout while + generating javadoc in zero VM + +------------------------------------------------------------------- +Mon Dec 8 13:32:25 UTC 2014 - fstrba@suse.com + +- Require version of tzdata-java compatible with this version + of Java. + +------------------------------------------------------------------- +Sun Nov 23 13:46:44 UTC 2014 - schwab@linux-m68k.org + +- Define bits to %__isa_bits if defined + +------------------------------------------------------------------- +Tue Nov 11 17:18:21 UTC 2014 - fstrba@suse.com + +- Modified patches: + * s390-size_t.patch + - rediff and drop unnecessary chunks + * s390-java-opts.patch + - modify to correspond to the changed context + +------------------------------------------------------------------- +Mon Nov 10 14:55:35 UTC 2014 - fstrba@suse.com + +- Put manpage alternative for policy-tool to the right package + +------------------------------------------------------------------- +Tue Nov 4 19:25:03 UTC 2014 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b12 + * Unstable snapshot in view of jdk8u40 release + * aarch64 hotspot merged to the level of jdk8u40-b12 +- Remove unneeded aarch64-jdk8u40-b09_b10.patch: + * the aarch64 hotspot merge contains all the changes + +------------------------------------------------------------------- +Wed Oct 29 08:38:44 UTC 2014 - fstrba@suse.com + +- Update config.sub and config.guess to the recent master of + http://git.savannah.gnu.org/cgit/config.git + +------------------------------------------------------------------- +Fri Oct 17 07:18:59 UTC 2014 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b10 + * Unstable snapshot in view of jdk8u40 release + * Contains security fixes from 14 october 2014 +- Add aarch64-jdk8u40-b09_b10.patch + * Manually upgrade the aarch64 hotspot tarball with the changes + between b09 and b10 + +------------------------------------------------------------------- +Thu Oct 16 20:07:56 UTC 2014 - fstrba@suse.com + +- Allow building for SLE11 + * Conditionalize BuildRequires + * Conditionalize cxxflags not understood by gcc 4.3 + * Conditionalize javadoc noarch build for distributions that + understand the per-package BuildArch +- Try to make the jre-32 and jre-64 provides more automatic +- Disable brp-check-bytecode-version during install + * java8 will have bytecode version 8 in its jars + +------------------------------------------------------------------- +Tue Oct 7 06:25:32 UTC 2014 - fstrba@suse.com + +- Force Zero VM for aarch64, since from the beginning we did not + manage to finish a build of Hotspot for this architecture. + +------------------------------------------------------------------- +Thu Oct 2 14:57:03 UTC 2014 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b08 + * Unstable snapshot in view of jdk8u40 release + +------------------------------------------------------------------- +Mon Sep 29 06:36:58 UTC 2014 - fstrba@suse.com + +- Build template jvm interpreter on ppc64le + * It was ported for this architecture in jdk8u49-b06 +- Build depend on the generic java-bootstrap-devel + * Allows to build against java-1_7_0-openjdk-bootstrap +- Reformat the spec file with spec-cleaner + +------------------------------------------------------------------- +Fri Sep 26 07:35:47 UTC 2014 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u40-b07 + * Unstable snapshot in view of jdk8u40 release +- Removed patch: aarch64-jni-update.patch + * Upstreamed changes +- Modified patch: aarch64-misc.patch + * Do not patch generated-configure.sh that is anyway regenerated. +- Modified patch: system-libjpeg.patch + * Do not patch generated-configure.sh that is anyway regenerated. + * Rediff to apply cleanly +- Modified patches: link-with-as-needed.patch, + system-giflib5.patch, system-lcms.patch, system-libpng.patch + * Rediff to apply cleanly + +------------------------------------------------------------------- +Tue Sep 23 08:16:11 UTC 2014 - fstrba@suse.com + +- Add provides jre-32 on %{ix86} and ppc + * This satisfies libreoffice's requires + +------------------------------------------------------------------- +Mon Sep 8 07:46:47 UTC 2014 - fstrba@suse.com + +- Add provides jre-64 on x86_64. bnc#895191 + +------------------------------------------------------------------- +Wed Aug 20 14:31:18 UTC 2014 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u20-b26 + * Tag corresponding to jdk8u20 public release +- Do not include the build number in version information, since + this is the official 1.8.0.20 release + +------------------------------------------------------------------- +Wed Jul 23 08:00:09 UTC 2014 - fstrba@suse.com + +- Use icedtea-sound-1.0.1 release tarball + +------------------------------------------------------------------- +Fri Jul 18 07:21:20 UTC 2014 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u20-b23 + * Security updates from 15 July 2014 +- Removed patch: voidreturn.patch + * Integrated upstream +- Re-diffed patch: java-atk-wrapper-security.patch + * Re-diff to correspond to the new changes +- Modify accessibility post script to actually create the + corresponding symlinks + +------------------------------------------------------------------- +Tue Jul 15 08:03:53 UTC 2014 - fstrba@suse.com + +- Initial package built from upstream OpenJDK + * Version 1.8.0.20~b22 + * Sources from http://hg.openjdk.java.net/jdk8u/jdk8u20/ + tag jdk8u20-b22 +- Initial bug-/build-fix patches + * 1015432.patch + * aarch64-jni-update.patch + * aarch64-misc.patch + * adlc-parser.patch + * applet-hole.patch + * compare-pointer-with-literal.patch + * disable-doclint-by-default.patch + * hotspot-build-j-directive.patch + * implicit-pointer-decl.patch + * include-all-srcs.patch + * java-atk-wrapper-security.patch + * link-with-as-needed.patch + * memory-limits.patch + * multiple-pkcs11-library-init.patch + * ppc-zero-hotspot.patch + * PStack-808293.patch + * s390-java-opts.patch + * s390-size_t.patch + * system-giflib5.patch + * system-lcms.patch + * system-libjpeg.patch + * system-libpng.patch + * voidreturn.patch +- Added aarch64 hotspot from the tip of + http://hg.openjdk.java.net/aarch64-port/jdk8/hotspot +- Added pulseaudio provider from the tip of + http://icedtea.classpath.org/hg/icedtea-sound/ + diff --git a/java-1_8_0-openjdk.spec b/java-1_8_0-openjdk.spec new file mode 100644 index 0000000..59b6579 --- /dev/null +++ b/java-1_8_0-openjdk.spec @@ -0,0 +1,1147 @@ +# +# spec file for package java-1_8_0-openjdk +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%{!?aarch64:%global aarch64 aarch64 arm64 armv8} +%global jit_arches %{ix86} x86_64 ppc64 ppc64le %{aarch64} %{arm} +%global icedtea_version 3.30.0 +%global buildoutputdir openjdk.build/ +# Convert an absolute path to a relative path. Each symbolic link is +# specified relative to the directory in which it is installed so that +# it will resolve properly within chrooted installations. +%global script 'use File::Spec; print File::Spec->abs2rel($ARGV[0], $ARGV[1])' +%global abs2rel perl -e %{script} +%global syslibdir %{_libdir} +%global archname %{name} +# Standard JPackage naming and versioning defines. +# priority must be 6 digits in total +%global priority 1805 +%global javaver 1.8.0 +%global updatever 402 +%global buildver 08 +# Standard JPackage directories and symbolic links. +%global sdklnk java-%{javaver}-openjdk +%global archname %{sdklnk} +%global jrelnk jre-%{javaver}-openjdk +%global sdkdir %{sdklnk}-%{javaver} +%global jredir %{sdkdir}/jre +%global sdkbindir %{_jvmdir}/%{sdklnk}/bin +%global jrebindir %{_jvmdir}/%{jrelnk}/bin +%global jvmjardir %{_jvmjardir}/%{sdkdir} +%global jvmjarlink %{_jvmjardir}/%{sdklnk} +# Prevent brp-java-repack-jars from being run. +%global __jar_repack 0 +# cacert symlink +%global cacerts %{_jvmdir}/%{jredir}/lib/security/cacerts +# real file made by update-ca-certificates +%global javacacerts %{_var}/lib/ca-certificates/java-cacerts +%if 0%{?suse_version} >= 1330 +%global with_improved_font_rendering 1 +%else +%global with_improved_font_rendering 0 +%endif +%if 0%{?suse_version} >= 1220 +%global with_system_lcms 1 +%else +%global with_system_lcms 0 +%endif +%if 0%{?suse_version} > 1310 +%global with_system_kerberos 1 +%else +%global with_system_kerberos 0 +%endif +%if 0%{?suse_version} > 1320 +%global with_system_pcsc 1 +%else +%global with_system_pcsc 0 +%endif +%if 0%{?suse_version} > 1320 +%global with_system_sctp 1 +%else +%global with_system_sctp 0 +%endif +%ifarch x86_64 +%global archinstall amd64 +%endif +%ifarch ppc +%global archinstall ppc +%endif +%ifarch ppc64 +%global archinstall ppc64 +%endif +%ifarch ppc64le +%global archinstall ppc64le +%endif +%ifarch %{ix86} +%global archinstall i386 +%endif +%ifarch ia64 +%global archinstall ia64 +%endif +%ifarch s390 +%global archinstall s390 +%endif +%ifarch s390x +%global archinstall s390x +%endif +%ifarch %{arm} +%global archinstall aarch32 +%endif +%ifarch %{aarch64} +%global archinstall aarch64 +%endif +# 32 bit sparc, optimized for v9 +%ifarch sparcv9 +%global archinstall sparc +%endif +# 64 bit sparc +%ifarch sparc64 +%global archinstall sparcv9 +%endif +%ifnarch %{jit_arches} +%global archinstall %{_arch} +# turn zero on non jit arches by default +%global _with_zero 1 +%endif +# bnc#542545 +# 32-bit versus 64-bit specific provides: +%ifarch %{ix86} ppc s390 +%global bits 32 +%endif +%ifarch x86_64 ia64 s390x +%global bits 64 +%endif +%if 0%{?__isa_bits} +%global bits %{__isa_bits} +%endif +%if 0%{?suse_version} > 1500 && !0%{?sle_version} +%global with_shenandoah 1 +%else +%global with_shenandoah 0 +%endif +%global NSS_LIBDIR %(pkg-config --variable=libdir nss) +%bcond_without bootstrap +%bcond_with zero +# Turn on/off some features depending on openSUSE version +%if 0%{?suse_version} >= 1130 +%if ! %{with zero} +%global with_systemtap 1 +%else +%global with_systemtap 0 +%endif +%else +%global with_systemtap 0 +%endif +%if %{with_systemtap} +# Where to install systemtap tapset (links) +# We would like these to be in a package specific subdir, +# but currently systemtap doesn't support that, so we have to +# use the root tapset dir for now. To distinquish between 64 +# and 32 bit architectures we place the tapsets under the arch +# specific dir (note that systemtap will only pickup the tapset +# for the primary arch for now). Systemtap uses the machine name +# aka build_cpu as architecture specific directory name. +%global tapsetroot %{_datadir}/systemtap +%global tapsetdir %{tapsetroot}/tapset/%{_build_cpu} +%endif +Name: java-1_8_0-openjdk +Version: %{javaver}.%{updatever} +Release: 0 +Summary: OpenJDK 8 Runtime Environment +License: Apache-1.1 AND Apache-2.0 AND GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-only WITH Classpath-exception-2.0 AND LGPL-2.0-only AND MPL-1.0 AND MPL-1.1 AND SUSE-Public-Domain AND W3C +Group: Development/Languages/Java +URL: https://openjdk.java.net/ +Source0: https://icedtea.classpath.org/download/source/icedtea-%{icedtea_version}.tar.xz +Source1: https://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/openjdk-git.tar.xz +Source2: https://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/aarch32-git.tar.xz +Source3: https://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/shenandoah-git.tar.xz +# nss fips configuration file +Source17: nss.fips.cfg.in +# RPM/distribution specific patches +# bsc#1211968 +Patch1: bsc1211968.patch +# RHBZ 1015432 +Patch2: 1015432.patch +# Restrict access to java-atk-wrapper classes +Patch3: java-atk-wrapper-security.patch +# Fix use of unintialized memory in adlc parser +Patch12: adlc-parser.patch +# Avoid triggering inactivity timeout while generating javadoc in zero VM +Patch14: zero-javadoc-verbose.patch +# Fix detection of jobserver support +Patch15: make-jobserver-detection.patch +# +# OpenJDK specific patches +# +# Patch for PPC +Patch103: ppc-zero-hotspot.patch +Patch1001: java-1_8_0-openjdk-suse-desktop-files.patch +Patch1002: icedtea-3.8.0-s390.patch +Patch2001: disable-doclint-by-default.patch +Patch2002: JDK_1_8_0-8208602.patch +Patch3000: tls13extensions.patch +Patch4000: riscv64-zero.patch +Patch5001: fips.patch +BuildRequires: alsa-lib-devel +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: binutils +BuildRequires: cups-devel +BuildRequires: desktop-file-utils +BuildRequires: fdupes +BuildRequires: fontconfig-devel +BuildRequires: freetype2-devel +BuildRequires: gcc-c++ +BuildRequires: giflib-devel +BuildRequires: gtk2-devel +BuildRequires: javapackages-tools +BuildRequires: libjpeg-devel +BuildRequires: liblcms2-devel +BuildRequires: libpng-devel +BuildRequires: libxslt +BuildRequires: mozilla-nss-devel >= 3.53 +BuildRequires: pkgconfig +BuildRequires: unzip +BuildRequires: update-desktop-files +BuildRequires: xorg-x11-proto-devel +BuildRequires: xz +BuildRequires: zip +# Requires rest of java +Requires: %{name}-headless = %{version}-%{release} +Requires: fontconfig +# Standard JPackage base provides. +Provides: java = %{javaver} +Provides: java-%{javaver} = %{version}-%{release} +Provides: java-openjdk = %{version}-%{release} +Provides: jre = %{javaver} +Provides: jre-%{javaver} = %{version}-%{release} +Provides: jre-%{javaver}-openjdk = %{version}-%{release} +Provides: jre-openjdk = %{version}-%{release} +# Standard JPackage extensions provides. +Provides: java-fonts = %{version} +# Required at least by fop +Provides: java-%{bits} = %{javaver} +Provides: java-%{javaver}-%{bits} +Provides: java-openjdk-%{bits} = %{version}-%{release} +Provides: jre-%{bits} = %{javaver} +Provides: jre-%{javaver}-%{bits} +Provides: jre-%{javaver}-openjdk-%{bits} = %{version}-%{release} +Provides: jre-openjdk-%{bits} = %{version}-%{release} +Provides: jre1.3.x +Provides: jre1.4.x +Provides: jre1.5.x +Provides: jre1.6.x +Provides: jre1.7.x +Provides: jre1.8.x +%if %{with bootstrap} +BuildRequires: java-devel >= 1.7 +BuildConflicts: java-devel >= 1.9 +BuildConflicts: java-devel-openj9 +%else +BuildRequires: %{name}-devel +%endif +%if %{with_system_kerberos} +BuildRequires: krb5-devel +%endif +# Zero-assembler build requirement. +%if %{with zero} +BuildRequires: libffi-devel +%endif +%if 0%{?suse_version} <= 1130 +BuildRequires: xorg-x11-devel +%else +BuildRequires: libX11-devel +BuildRequires: libXcomposite-devel +BuildRequires: libXi-devel +BuildRequires: libXinerama-devel +BuildRequires: libXt-devel +BuildRequires: libXtst-devel +%endif +# runtime certificates generation available in 11.3+ - bnc#596177 +%if 0%{?suse_version} >= 1130 +BuildRequires: java-ca-certificates +Requires(post): file +Requires(post): java-ca-certificates +%else +BuildRequires: openssl-certs +# the certificates will converted in a prep to standard keystore file - cacerts +# The openssl requirment seems to be necessary for build only. +Requires: openssl +%endif +%if %{with_systemtap} +BuildRequires: systemtap-sdt-devel +%endif +%if %{with_system_pcsc} +BuildRequires: pcsc-lite-devel +%endif +%if %{with_system_sctp} +BuildRequires: lksctp-tools-devel +%endif + +%description +The OpenJDK 8 runtime environment. + +%package headless +Summary: OpenJDK 8 Runtime Environment +# Require jpackage-utils for ownership of /usr/lib/jvm/ +Group: Development/Languages/Java +Requires: jpackage-utils +# mozilla-nss has to be installed to prevent +# java.security.ProviderException: Could not initialize NSS +# ... +# java.io.FileNotFoundException: /usr/lib64/libnss3.so +#was bnc#634793 +Requires: mozilla-nss +# Post requires update-alternatives to install tool update-alternatives. +Requires(post): update-alternatives +# Postun requires update-alternatives to uninstall tool update-alternatives. +Requires(postun): update-alternatives +Recommends: tzdata-java8 +# Standard JPackage base provides. +Provides: java-%{javaver}-headless = %{version}-%{release} +Provides: java-headless = %{javaver} +Provides: java-openjdk-headless = %{version}-%{release} +Provides: jre-%{javaver}-headless = %{version}-%{release} +Provides: jre-%{javaver}-openjdk-headless = %{version}-%{release} +Provides: jre-headless = %{javaver} +Provides: jre-openjdk-headless = %{version}-%{release} +# Standard JPackage extensions provides. +Provides: jaas = %{version} +Provides: java-sasl = %{version} +Provides: jce = %{version} +Provides: jdbc-stdext = 4.2 +Provides: jndi = %{version} +Provides: jndi-cos = %{version} +Provides: jndi-dns = %{version} +Provides: jndi-ldap = %{version} +Provides: jndi-rmi = %{version} +Provides: jsse = %{version} + +%description headless +The OpenJDK 8 runtime environment without audio and video support. + +%package devel +Summary: OpenJDK 8 Development Environment +# Require base package. +Group: Development/Languages/Java +Requires: %{name} = %{version}-%{release} +# Post requires update-alternatives to install tool update-alternatives. +Requires(post): update-alternatives +# Postun requires update-alternatives to uninstall tool update-alternatives. +Requires(postun): update-alternatives +# Standard JPackage devel provides. +Provides: java-%{javaver}-devel = %{version} +Provides: java-devel = %{javaver} +Provides: java-devel-openjdk = %{version} +Provides: java-sdk = %{javaver} +Provides: java-sdk-%{javaver} = %{version} +Provides: java-sdk-%{javaver}-openjdk = %{version} +Provides: java-sdk-openjdk = %{version} + +%description devel +The OpenJDK 8 development tools. + +%package demo +Summary: OpenJDK 8 Demos +Group: Development/Languages/Java +Requires: %{name} = %{version}-%{release} + +%description demo +The OpenJDK 8 demos. + +%package src +Summary: OpenJDK 8 Source Bundle +Group: Development/Languages/Java +Requires: %{name} = %{version}-%{release} + +%description src +The OpenJDK 8 source bundle. + +%package javadoc +Summary: OpenJDK 8 API Documentation +Group: Development/Languages/Java +Requires: jpackage-utils +# Post requires update-alternatives to install javadoc alternative. +Requires(post): update-alternatives +# Postun requires update-alternatives to uninstall javadoc alternative. +Requires(postun): update-alternatives +# Standard JPackage javadoc provides. +Provides: java-%{javaver}-javadoc = %{version}-%{release} +Provides: java-javadoc = %{version}-%{release} +%if 0%{?suse_version} >= 1120 +BuildArch: noarch +%endif + +%description javadoc +The OpenJDK 8 API documentation. + +%package accessibility +Summary: OpenJDK 8 accessibility connector +Group: Development/Languages/Java +Requires: %{name} = %{version}-%{release} +Requires: java-atk-wrapper + +%description accessibility +Enables accessibility support in OpenJDK 8 by using java-atk-wrapper. +This allows compatible at-spi2 based accessibility programs to work +for AWT and Swing-based programs. + +Please note, the java-atk-wrapper is still in beta, and OpenJDK 8 +itself is still being tuned to be working with accessibility features. +There are known issues with accessibility on, so please do not install +this package unless you really need to. + +%prep +%setup -q -n icedtea-%{icedtea_version} + +%patch1001 -p1 +%ifarch s390 +%patch1002 -p1 +%endif + +# Setup nss.fips.cfg +sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE17} > nss.fips.cfg +sed -i -e "s:@NSS_SECMOD@:sql\:/etc/pki/nssdb:g" nss.fips.cfg + +%build +%define _lto_cflags %{nil} +export LANG=C +unset JAVA_HOME + +# How many cpu's do we have? +export NUM_PROC=`%{_bindir}/getconf _NPROCESSORS_ONLN 2> /dev/null || :` +export NUM_PROC=${NUM_PROC:-1} + +# handle zlib packages without pkg-config file +%if 0%{?suse_version} <= 1130 +export ZLIB_CFLAGS=" " +export ZLIB_LIBS="-L/%{_lib} -lz" +%endif + +CFLAGS=$(rpm -E '%{optflags}' | sed 's/-Wall\>//') +CFLAGS="$CFLAGS -Wno-error" +CXXFLAGS=${CFLAGS} +%ifarch ppc64 ppc64le ppc +CFLAGS="$CFLAGS -fno-strict-aliasing" +%endif +%if 0%{?suse_version} >= 1330 +CFLAGS="$CFLAGS -fno-delete-null-pointer-checks -fno-lifetime-dse -fcommon" +CXXFLAGS="$CXXFLAGS -std=gnu++98 -fno-delete-null-pointer-checks -fno-lifetime-dse -fcommon" +%endif +export CFLAGS +export CXXFLAGS + +sh autogen.sh +%configure \ + --disable-downloading \ + --with-tzdata-dir=%{_datadir}/javazi \ + --with-pkgversion="build %{javaver}_%{updatever}-b%{buildver} suse-%{release}-%{_arch}" \ + --with-jdk-home="%{_sysconfdir}/alternatives/java_sdk" \ + --disable-nss \ + --enable-sysconf-nss \ + --enable-non-nss-curves \ +%if %{with bootstrap} + --enable-bootstrap \ +%else + --disable-bootstrap \ +%endif +%ifnarch %{arm} %{aarch64} + --with-parallel-jobs="${NUM_PROC}" \ +%endif +%ifarch s390 + --with-boot-jdk-jvmargs="-Xms256M -Xmx768M" \ +%endif +%if %{with zero} + --enable-zero \ + --disable-jfr \ +%endif +%if 0%{?suse_version} <= 1110 + --disable-system-gio \ + --disable-system-gconf \ +%endif +%if %{with_system_lcms} + --enable-system-lcms \ +%else + --disable-system-lcms \ +%endif +%if %{with_system_pcsc} + --enable-system-pcsc \ +%else + --disable-system-pcsc \ +%endif +%if %{with_system_sctp} + --enable-system-sctp \ +%else + --disable-system-sctp \ +%endif +%if %{with_system_kerberos} + --enable-system-kerberos \ +%else + --disable-system-kerberos \ +%endif +%if %{with_improved_font_rendering} + --enable-improved-font-rendering \ +%else + --disable-improved-font-rendering \ +%endif +%ifarch %{arm} + --with-hotspot-src-zip=%{SOURCE2} \ +%else +%if %{without zero} && %{with shenandoah} + --with-hotspot-src-zip=%{SOURCE3} \ + --with-hotspot-build=shenandoah \ +%endif +%endif + --with-openjdk-src-zip=%{SOURCE1} + +make patch %{?_smp_mflags} + +patch -p0 -i %{PATCH1} +patch -p0 -i %{PATCH2} +patch -p0 -i %{PATCH3} +patch -p0 -i %{PATCH12} + +%if %{with zero} +patch -p0 -i %{PATCH14} +%endif + +patch -p0 -i %{PATCH15} + +%ifarch ppc ppc64 ppc64le +# PPC fixes +patch -p0 -i %{PATCH103} +%endif + +patch -p0 -i %{PATCH2001} +patch -p0 -i %{PATCH2002} + +patch -p0 -i %{PATCH3000} + +patch -p0 -i %{PATCH4000} + +patch -p0 -i %{PATCH5001} + +(cd openjdk/common/autoconf + bash ./autogen.sh +) + +make %{?_smp_mflags} + +export JAVA_HOME=$(pwd)/%{buildoutputdir}images/j2sdk-image + +# cacerts are generated in runtime in openSUSE +if [ -f %{buildoutputdir}images/j2sdk-image/jre/lib/security/cacerts ]; then + rm -f %{buildoutputdir}images/j2sdk-image/jre/lib/security/cacerts +fi + +%if 0%{?suse_version} < 1130 +# ========== a default keystore ========== +# a cacerts generation - 11.3+ use java-ca-certificates package +for PEM in %{_sysconfdir}/ssl/certs/*.pem; do + ALIAS=$(basename ${PEM} .pem) + awk '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/{ print $0; }' ${PEM} > ${ALIAS}.pem + + yes | $JAVA_HOME/jre/bin/keytool -import -alias ${ALIAS} -keystore %{buildoutputdir}images/j2sdk-image/jre/lib/security/cacerts -storepass 'changeit' -file ${ALIAS}.pem || : + rm ${ALIAS}.pem +done +%endif + +# Check debug symbols are present and can identify code +SERVER_JVM="$JAVA_HOME/jre/lib/%{archinstall}/server/libjvm.so" +if [ -f "$SERVER_JVM" ] ; then + nm -aCl "$SERVER_JVM" | grep javaCalls.cpp +fi +CLIENT_JVM="$JAVA_HOME/jre/lib/%{archinstall}/client/libjvm.so" +if [ -f "$CLIENT_JVM" ] ; then + nm -aCl "$CLIENT_JVM" | grep javaCalls.cpp +fi +ZERO_JVM="$JAVA_HOME/jre/lib/%{archinstall}/zero/libjvm.so" +if [ -f "$ZERO_JVM" ] ; then + nm -aCl "$ZERO_JVM" | grep javaCalls.cpp +fi + +%install +export LANG=en_US.UTF-8 +#bnc#530046 +export STRIP_KEEP_SYMTAB=libjvm* +# skip /usr/lib/rpm/brp-check-bytecode-version: +export NO_BRP_CHECK_BYTECODE_VERSION=true + +pushd %{buildoutputdir}images/j2sdk-image + + # Install main files. + install -d -m 755 %{buildroot}%{_jvmdir}/%{sdkdir} + cp -a bin include lib src.zip %{buildroot}%{_jvmdir}/%{sdkdir} + install -d -m 755 %{buildroot}%{_jvmdir}/%{jredir} + cp -a jre/bin jre/lib %{buildroot}%{_jvmdir}/%{jredir} + + # Install extension symlinks. + install -d -m 755 %{buildroot}%{jvmjardir} + pushd %{buildroot}%{jvmjardir} + RELATIVE=$(%{abs2rel} %{_jvmdir}/%{jredir}/lib %{jvmjardir}) + ln -sf $RELATIVE/jsse.jar jsse-%{version}.jar + ln -sf $RELATIVE/jce.jar jce-%{version}.jar + ln -sf $RELATIVE/rt.jar jndi-%{version}.jar + ln -sf $RELATIVE/rt.jar jndi-ldap-%{version}.jar + ln -sf $RELATIVE/rt.jar jndi-cos-%{version}.jar + ln -sf $RELATIVE/rt.jar jndi-rmi-%{version}.jar + ln -sf $RELATIVE/rt.jar jaas-%{version}.jar + ln -sf $RELATIVE/rt.jar jdbc-stdext-%{version}.jar + ln -sf jdbc-stdext-%{version}.jar jdbc-stdext-3.0.jar + ln -sf $RELATIVE/rt.jar sasl-%{version}.jar + for jar in *-%{version}.jar + do + if [ x%{version} != x%{javaver} ] + then + ln -sf $jar $(echo $jar | sed "s|-%{version}.jar|-%{javaver}.jar|g") + fi + ln -sf $jar $(echo $jar | sed "s|-%{version}.jar|.jar|g") + done + popd + + # Install JCE policy symlinks. + install -d -m 755 %{buildroot}%{_jvmprivdir}/%{archname}/jce/vanilla + + # Install versionless symlinks. + pushd %{buildroot}%{_jvmdir} + ln -sf %{jredir} %{jrelnk} + ln -sf %{sdkdir} %{sdklnk} + popd + + pushd %{buildroot}%{_jvmjardir} + ln -sf %{sdkdir} %{jrelnk} + ln -sf %{sdkdir} %{sdklnk} + popd + + # Remove javaws man page + rm -f man/man1/javaws* + + # Install man pages. + install -d -m 755 %{buildroot}%{_mandir}/man1 + for manpage in man/man1/* + do + # Convert man pages to UTF8 encoding. + iconv -f ISO_8859-1 -t UTF8 $manpage -o $manpage.tmp + mv -f $manpage.tmp $manpage + install -m 644 -p $manpage %{buildroot}%{_mandir}/man1/$(basename \ + $manpage .1)-%{sdklnk}.1 + done + + # Install demos and samples. + cp -a demo %{buildroot}%{_jvmdir}/%{sdkdir} + # enable short-circuit + mkdir -p sample/rmi + [ -f bin/java-rmi.cgi ] && mv bin/java-rmi.cgi sample/rmi + cp -a sample %{buildroot}%{_jvmdir}/%{sdkdir} + +%if %{with_systemtap} + # Install systemtap support files. + cp -a tapset %{buildroot}%{_jvmdir}/%{sdkdir} + pushd %{buildroot}%{_jvmdir}/%{sdkdir}/tapset + for i in *.stp; do + mv $i $(basename $i .stp)-%{javaver}.stp + done + popd + install -d -m 755 %{buildroot}%{tapsetdir} + pushd %{buildroot}%{tapsetdir} + RELATIVE=$(%{abs2rel} %{_jvmdir}/%{sdkdir}/tapset %{tapsetdir}) + ln -sf $RELATIVE/*.stp . + popd +%endif + +popd + +# Install nss.fips.cfg: NSS configuration for global FIPS mode (crypto-policies) +install -m 644 nss.fips.cfg %{buildroot}%{_jvmdir}/%{jredir}/lib/security/ + +# Install Javadoc documentation. +install -d -m 755 %{buildroot}%{_javadocdir} +cp -a %{buildoutputdir}/docs %{buildroot}%{_javadocdir}/%{sdklnk} + +# Install icons and menu entries. +for s in 16 24 32 48 ; do + install -D -p -m 644 \ + openjdk/jdk/src/solaris/classes/sun/awt/X11/java-icon${s}.png \ + %{buildroot}%{_datadir}/icons/hicolor/${s}x${s}/apps/java-%{javaver}-openjdk.png +done + +# Install desktop files. +install -d -m 0755 %{buildroot}%{_datadir}/{applications,pixmaps} +install -d -m 0755 %{buildroot}/%{_jvmdir}/%{jredir}/lib/desktop/ +for d in jconsole policytool; do + install -m 0644 $d.desktop %{buildroot}/%{_jvmdir}/%{jredir}/lib/desktop/ + %suse_update_desktop_file %{buildroot}/%{_jvmdir}/%{jredir}/lib/desktop/$d.desktop +done + +# Find JRE directories. +find %{buildroot}%{_jvmdir}/%{jredir} -type d \ + | grep -v jre/lib/security \ + | sed 's|'%{buildroot}'|%dir |' \ + > %{name}.files.headless +# Find JRE files. +find %{buildroot}%{_jvmdir}/%{jredir} -type f -o -type l \ + | grep -v jre/lib/security \ + | sed 's|'%{buildroot}'||' \ + >> %{name}.files.all +#split %{name}.files to %{name}.files-headless and %{name}.files +#see https://bugzilla.redhat.com/show_bug.cgi?id=875408 +NOT_HEADLESS=\ +"%{_jvmdir}/%{jredir}/lib/%{archinstall}/libjsoundalsa.so +%{_jvmdir}/%{jredir}/lib/%{archinstall}/libsplashscreen.so +%{_jvmdir}/%{jredir}/lib/%{archinstall}/libawt_xawt.so +%{_jvmdir}/%{jredir}/lib/%{archinstall}/libjawt.so" +#filter %{name}.files from %{name}.files.all to %{name}.files-headless +ALL=`cat %{name}.files.all` +for file in $ALL ; do + INLCUDE="NO" ; + for blacklist in $NOT_HEADLESS ; do + # we can not match normally, because rpmbuild will evaluate !0 result as script failure + q=`expr match "$file" "$blacklist"` || : + l=`expr length "$blacklist"` || : + if [ $q -eq $l ]; then + INLCUDE="YES" ; + fi; + done + if [ "x$INLCUDE" = "xNO" ]; then + echo "$file" >> %{name}.files-headless + else + echo "$file" >> %{name}.files + fi +done +# Find demo directories. +find %{buildroot}%{_jvmdir}/%{sdkdir}/demo \ + %{buildroot}%{_jvmdir}/%{sdkdir}/sample -type d \ + | sed 's|'%{buildroot}'|%dir |' \ + > %{name}-demo.files + +# FIXME: remove SONAME entries from demo DSOs. See +# https://bugzilla.redhat.com/show_bug.cgi?id=436497 + +# Find non-documentation demo files. +find %{buildroot}%{_jvmdir}/%{sdkdir}/demo \ + %{buildroot}%{_jvmdir}/%{sdkdir}/sample \ + -type f -o -type l | sort \ + | grep -v README \ + | sed 's|'%{buildroot}'||' \ + >> %{name}-demo.files +# Find documentation demo files. +find %{buildroot}%{_jvmdir}/%{sdkdir}/demo \ + %{buildroot}%{_jvmdir}/%{sdkdir}/sample \ + -type f -o -type l | sort \ + | grep README \ + | sed 's|'%{buildroot}'||' \ + | sed 's|^|%doc |' \ + >> %{name}-demo.files + +# Create links which leads to separately installed java-atk-bridge and allow configuration +# links points to java-atk-wrapper - an dependence +# mvyskocil: links are handled in post, lets make ghost files there + touch %{buildroot}/%{_jvmdir}/%{jredir}/lib/%{archinstall}/libatk-wrapper.so + touch %{buildroot}/%{_jvmdir}/%{jredir}/lib/ext/java-atk-wrapper.jar + pushd %{buildroot}/%{_jvmdir}/%{jredir}/lib/ + echo "#Config file to enable java-atk-wrapper" > accessibility.properties + echo "" >> accessibility.properties + echo "assistive_technologies=org.GNOME.Accessibility.AtkWrapper" >> accessibility.properties + echo "" >> accessibility.properties + popd + +# fdupes links the files from JDK to JRE, so it breaks a JRE +# use it carefully :)) +%fdupes -s %{buildroot}/%{_jvmdir}/%{jredir}/ +%fdupes -s %{buildroot}/%{_jvmdir}/%{sdkdir}/demo +%fdupes -s %{buildroot}%{_javadocdir}/%{sdklnk} + +%if 0%{?suse_version} <= 1130 +# bnc496378 - check the size of installed cacerts +# 32 bytes means a default empty one +if [[ $(stat -c "%%s" %{buildroot}/%{cacerts}) == "32" ]]; then + echo "ERROR: Default keystore seems empty" + exit 1 +fi +%endif + +%post headless +ext=.gz +update-alternatives \ + --install %{_bindir}/java java %{jrebindir}/java %{priority} \ + --slave %{_jvmdir}/jre jre %{_jvmdir}/%{jrelnk} \ + --slave %{_jvmjardir}/jre jre_exports %{_jvmjardir}/%{jrelnk} \ + --slave %{_bindir}/keytool keytool %{jrebindir}/keytool \ + --slave %{_bindir}/orbd orbd %{jrebindir}/orbd \ + --slave %{_bindir}/policytool policytool %{jrebindir}/policytool \ + --slave %{_bindir}/rmid rmid %{jrebindir}/rmid \ + --slave %{_bindir}/rmiregistry rmiregistry %{jrebindir}/rmiregistry \ + --slave %{_bindir}/servertool servertool %{jrebindir}/servertool \ + --slave %{_bindir}/tnameserv tnameserv %{jrebindir}/tnameserv \ + --slave %{_bindir}/pack200 pack200 %{jrebindir}/pack200 \ + --slave %{_bindir}/unpack200 unpack200 %{jrebindir}/unpack200 \ + --slave %{_mandir}/man1/java.1$ext java.1$ext \ + %{_mandir}/man1/java-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/keytool.1$ext keytool.1$ext \ + %{_mandir}/man1/keytool-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/orbd.1$ext orbd.1$ext \ + %{_mandir}/man1/orbd-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/policytool.1$ext policytool.1$ext \ + %{_mandir}/man1/policytool-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/rmid.1$ext rmid.1$ext \ + %{_mandir}/man1/rmid-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/rmiregistry.1$ext rmiregistry.1$ext \ + %{_mandir}/man1/rmiregistry-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/servertool.1$ext servertool.1$ext \ + %{_mandir}/man1/servertool-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/tnameserv.1$ext tnameserv.1$ext \ + %{_mandir}/man1/tnameserv-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/pack200.1$ext pack200.1$ext \ + %{_mandir}/man1/pack200-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/unpack200.1$ext unpack200.1$ext \ + %{_mandir}/man1/unpack200-%{sdklnk}.1$ext \ + --slave %{_datadir}/applications/policytool.desktop policytool.desktop \ + %{_jvmdir}/%{jredir}/lib/desktop/policytool.desktop \ + || : + +update-alternatives \ + --install %{_jvmdir}/jre-openjdk \ + jre_openjdk %{_jvmdir}/%{jrelnk} %{priority} \ + --slave %{_jvmjardir}/jre-openjdk \ + jre_openjdk_exports %{_jvmjardir}/%{jrelnk} +update-alternatives \ + --install %{_jvmdir}/jre-%{javaver} \ + jre_%{javaver} %{_jvmdir}/%{jrelnk} %{priority} \ + --slave %{_jvmjardir}/jre-%{javaver} \ + jre_%{javaver}_exports %{_jvmjardir}/%{jrelnk} + +%postun headless +if [ $1 -eq 0 ] +then + if test -f /proc/sys/fs/binfmt_misc/jarexec + then + echo '-1' > /proc/sys/fs/binfmt_misc/jarexec + fi + update-alternatives --remove java %{jrebindir}/java + update-alternatives --remove jre_openjdk %{_jvmdir}/%{jrelnk} + update-alternatives --remove jre_%{javaver} %{_jvmdir}/%{jrelnk} +fi + +%if 0%{?suse_version} >= 1130 +%posttrans headless +# bnc#781690#c11: don't trust user defined JAVA_HOME and use the current VM +# XXX: this might conflict between various versions of openjdk +export JAVA_HOME=%{_jvmdir}/%{jrelnk} + +# check if the java-cacerts is a valid keystore (bnc#781690) +if [ X"`%{_bindir}/file --mime-type -b %{javacacerts}`" \ + != "Xapplication/x-java-keystore;" ]; then +%if 0%{?suse_version} <= 1310 + # workaround for bnc#847952 - pre 13.1 keyring.jar attempts to load invalid keystore and fail on it + rm -f "%{javacacerts}" +%endif + %{_sbindir}/update-ca-certificates +fi + +# remove the default empty cacert file, if it's installed +if [ 0`stat -c "%%s" %{cacerts} 2>/dev/null` = "032" ] ; then + rm -f %{cacerts} +fi + +# if cacerts does exists, neither does not contain/point to a +# valid keystore (bnc#781690) ... +if [ X"`%{_bindir}/file --mime-type -b -L %{cacerts}`" \ + != "Xapplication/x-java-keystore;" ]; then + # bnc#727223 + rm -f %{cacerts} + ln -s %{javacacerts} %{cacerts} +fi +%endif + +%post devel +ext=.gz +update-alternatives \ + --install %{_bindir}/javac javac %{sdkbindir}/javac %{priority} \ + --slave %{_jvmdir}/java java_sdk %{_jvmdir}/%{sdklnk} \ + --slave %{_jvmjardir}/java java_sdk_exports %{jvmjarlink} \ + --slave %{_bindir}/appletviewer appletviewer %{sdkbindir}/appletviewer \ + --slave %{_bindir}/extcheck extcheck %{sdkbindir}/extcheck \ + --slave %{_bindir}/jar jar %{sdkbindir}/jar \ + --slave %{_bindir}/jarsigner jarsigner %{sdkbindir}/jarsigner \ + --slave %{_bindir}/javadoc javadoc %{sdkbindir}/javadoc \ + --slave %{_bindir}/javah javah %{sdkbindir}/javah \ + --slave %{_bindir}/javap javap %{sdkbindir}/javap \ + --slave %{_bindir}/jcmd jcmd %{sdkbindir}/jcmd \ + --slave %{_bindir}/jconsole jconsole %{sdkbindir}/jconsole \ + --slave %{_bindir}/jdb jdb %{sdkbindir}/jdb \ + --slave %{_bindir}/jhat jhat %{sdkbindir}/jhat \ + --slave %{_bindir}/jinfo jinfo %{sdkbindir}/jinfo \ + --slave %{_bindir}/jmap jmap %{sdkbindir}/jmap \ + --slave %{_bindir}/jps jps %{sdkbindir}/jps \ + --slave %{_bindir}/jrunscript jrunscript %{sdkbindir}/jrunscript \ + --slave %{_bindir}/jsadebugd jsadebugd %{sdkbindir}/jsadebugd \ + --slave %{_bindir}/jstack jstack %{sdkbindir}/jstack \ + --slave %{_bindir}/jstat jstat %{sdkbindir}/jstat \ + --slave %{_bindir}/jstatd jstatd %{sdkbindir}/jstatd \ + --slave %{_bindir}/native2ascii native2ascii %{sdkbindir}/native2ascii \ + --slave %{_bindir}/rmic rmic %{sdkbindir}/rmic \ + --slave %{_bindir}/schemagen schemagen %{sdkbindir}/schemagen \ + --slave %{_bindir}/serialver serialver %{sdkbindir}/serialver \ + --slave %{_bindir}/wsgen wsgen %{sdkbindir}/wsgen \ + --slave %{_bindir}/wsimport wsimport %{sdkbindir}/wsimport \ + --slave %{_bindir}/xjc xjc %{sdkbindir}/xjc \ + --slave %{_mandir}/man1/appletviewer.1$ext appletviewer.1$ext \ + %{_mandir}/man1/appletviewer-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/extcheck.1$ext extcheck.1$ext \ + %{_mandir}/man1/extcheck-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jar.1$ext jar.1$ext \ + %{_mandir}/man1/jar-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jarsigner.1$ext jarsigner.1$ext \ + %{_mandir}/man1/jarsigner-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/javac.1$ext javac.1$ext \ + %{_mandir}/man1/javac-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/javadoc.1$ext javadoc.1$ext \ + %{_mandir}/man1/javadoc-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/javah.1$ext javah.1$ext \ + %{_mandir}/man1/javah-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/javap.1$ext javap.1$ext \ + %{_mandir}/man1/javap-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jconsole.1$ext jconsole.1$ext \ + %{_mandir}/man1/jconsole-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jcmd.1$ext jcmd.1$ext \ + %{_mandir}/man1/jcmd-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jdb.1$ext jdb.1$ext \ + %{_mandir}/man1/jdb-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jhat.1$ext jhat.1$ext \ + %{_mandir}/man1/jhat-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jinfo.1$ext jinfo.1$ext \ + %{_mandir}/man1/jinfo-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jmap.1$ext jmap.1$ext \ + %{_mandir}/man1/jmap-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jps.1$ext jps.1$ext \ + %{_mandir}/man1/jps-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jrunscript.1$ext jrunscript.1$ext \ + %{_mandir}/man1/jrunscript-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jsadebugd.1$ext jsadebugd.1$ext \ + %{_mandir}/man1/jsadebugd-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jstack.1$ext jstack.1$ext \ + %{_mandir}/man1/jstack-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jstat.1$ext jstat.1$ext \ + %{_mandir}/man1/jstat-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/jstatd.1$ext jstatd.1$ext \ + %{_mandir}/man1/jstatd-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/native2ascii.1$ext native2ascii.1$ext \ + %{_mandir}/man1/native2ascii-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/rmic.1$ext rmic.1$ext \ + %{_mandir}/man1/rmic-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/schemagen.1$ext schemagen.1$ext \ + %{_mandir}/man1/schemagen-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/serialver.1$ext serialver.1$ext \ + %{_mandir}/man1/serialver-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/wsgen.1$ext wsgen.1$ext \ + %{_mandir}/man1/wsgen-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/wsimport.1$ext wsimport.1$ext \ + %{_mandir}/man1/wsimport-%{sdklnk}.1$ext \ + --slave %{_mandir}/man1/xjc.1$ext xjc.1$ext \ + %{_mandir}/man1/xjc-%{sdklnk}.1$ext \ + --slave %{_datadir}/applications/jconsole.desktop jconsole.desktop \ + %{_jvmdir}/%{jredir}/lib/desktop/jconsole.desktop \ + || : + +update-alternatives \ + --install %{_jvmdir}/java-openjdk \ + java_sdk_openjdk %{_jvmdir}/%{sdklnk} %{priority} \ + --slave %{_jvmjardir}/java-openjdk \ + java_sdk_openjdk_exports %{jvmjarlink} +update-alternatives \ + --install %{_jvmdir}/java-%{javaver} \ + java_sdk_%{javaver} %{_jvmdir}/%{sdklnk} %{priority} \ + --slave %{_jvmjardir}/java-%{javaver} \ + java_sdk_%{javaver}_exports %{jvmjarlink} + +%postun devel +if [ $1 -eq 0 ] +then + update-alternatives --remove javac %{sdkbindir}/javac + update-alternatives --remove java_sdk_openjdk %{_jvmdir}/%{sdklnk} + update-alternatives --remove java_sdk_%{javaver} %{_jvmdir}/%{sdklnk} +fi + +%post javadoc +# in some settings, the %{_javadocdir}/%{sdklnk}/api does not exist +# and the update-alternatives call ends up in error. So, filter this +# cases out. +if [ -d %{_javadocdir}/%{sdklnk}/api ] +then + update-alternatives \ + --install %{_javadocdir}/java javadocdir %{_javadocdir}/%{sdklnk}/api \ + %{priority} +fi + +%postun javadoc +if [ $1 -eq 0 ] +then +# in some settings, the %{_javadocdir}/%{sdklnk}/api does not exist +# and the update-alternatives call ends up in error. So, filter this +# cases out. + if [ -d %{_javadocdir}/%{sdklnk}/api ] + then + update-alternatives --remove javadocdir %{_javadocdir}/%{sdklnk}/api + fi +fi + +%post accessibility +# create links to java-atk-wrapper +if [ ! -e %{_jvmdir}/%{jredir}/lib/%{archinstall}/libatk-wrapper.so ]; then + if [ -e %{_libdir}/java-atk-wrapper/libatk-wrapper.so ]; then + ln -sf %{_libdir}/java-atk-wrapper/libatk-wrapper.so %{_jvmdir}/%{jredir}/lib/%{archinstall}/libatk-wrapper.so + else + ln -sf %{_libdir}/java-atk-wrapper/libatk-wrapper.so.0 %{_jvmdir}/%{jredir}/lib/%{archinstall}/libatk-wrapper.so + fi +fi +if [ ! -e %{_jvmdir}/%{jredir}/lib/ext/java-atk-wrapper.jar ]; then + ln -sf %{_libdir}/java-atk-wrapper/java-atk-wrapper.jar %{_jvmdir}/%{jredir}/lib/ext/java-atk-wrapper.jar +fi + +%files -f %{name}.files +%dir %{_jvmdir}/%{jredir}/lib/%{archinstall} +%dir %{_datadir}/icons/hicolor +%{_datadir}/icons/hicolor/*x*/apps/java-%{javaver}-openjdk.png + +%files headless -f %{name}.files-headless +%dir %{_jvmdir} +%dir %{_jvmdir}/%{jredir}/ +%dir %{_jvmdir}/%{jredir}/bin +%dir %{_jvmdir}/%{jredir}/lib +%dir %{_jvmdir}/%{jredir}/lib/%{archinstall} +%dir %{_jvmdir}/%{jredir}/lib/%{archinstall}/jli +%ifnarch %{arm} +%dir %{_jvmdir}/%{jredir}/lib/%{archinstall}/server +%else +%dir %{_jvmdir}/%{jredir}/lib/%{archinstall}/client +%endif +%dir %{_jvmdir}/%{jredir}/lib/cmm +%dir %{_jvmdir}/%{jredir}/lib/desktop +%dir %{_jvmdir}/%{jredir}/lib/ext +%dir %{_jvmdir}/%{jredir}/lib/images +%dir %{_jvmdir}/%{jredir}/lib/images/cursors +%if %{without zero} +%dir %{_jvmdir}/%{jredir}/lib/jfr +%endif +%dir %{_jvmdir}/%{jredir}/lib/management +%dir %{_jvmdir}/%{jredir}/lib/security +%dir %{_jvmdir}/%{jredir}/lib/security/policy +%dir %{_jvmdir}/%{jredir}/lib/security/policy/limited +%dir %{_jvmdir}/%{jredir}/lib/security/policy/unlimited +%dir %{_libdir}/jvm-exports +%dir %{_libdir}/jvm-private + +%doc %{buildoutputdir}images/j2sdk-image/jre/ASSEMBLY_EXCEPTION +%license %{buildoutputdir}images/j2sdk-image/jre/LICENSE +%doc %{buildoutputdir}images/j2sdk-image/jre/THIRD_PARTY_README + +%dir %{_jvmdir}/%{sdkdir} +%{_jvmdir}/%{jrelnk} +%{_jvmjardir}/%{jrelnk} +%{_jvmprivdir}/* +%{jvmjardir} +%if 0%{?suse_version} <= 1130 +%config(noreplace) %{cacerts} +%endif +%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/java.policy +%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/java.security +%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/blacklisted.certs +%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/nss.cfg +%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/nss.fips.cfg +%{_mandir}/man1/java-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jjs-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/keytool-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/orbd-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/pack200-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/policytool-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/rmid-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/rmiregistry-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/servertool-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/tnameserv-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/unpack200-%{sdklnk}.1%{?ext_man} +%{_jvmdir}/%{jredir}/lib/security/policy/limited/US_export_policy.jar +%{_jvmdir}/%{jredir}/lib/security/policy/limited/local_policy.jar +%{_jvmdir}/%{jredir}/lib/security/policy/unlimited/US_export_policy.jar +%{_jvmdir}/%{jredir}/lib/security/policy/unlimited/local_policy.jar + +%files devel +%dir %{_jvmdir}/%{sdkdir}/bin +%dir %{_jvmdir}/%{sdkdir}/include +%dir %{_jvmdir}/%{sdkdir}/lib +%if %{with_systemtap} +%dir %{_jvmdir}/%{sdkdir}/tapset +%endif +%{_jvmdir}/%{sdkdir}/bin/* +%{_jvmdir}/%{sdkdir}/include/* +%{_jvmdir}/%{sdkdir}/lib/* + +%if %{with_systemtap} +%{_jvmdir}/%{sdkdir}/tapset/*.stp +%endif +%{_jvmdir}/%{sdklnk} +%{_jvmjardir}/%{sdklnk} +%{_mandir}/man1/appletviewer-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/extcheck-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/idlj-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jar-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jarsigner-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/javac-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/javadoc-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/javah-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/javap-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jconsole-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jcmd-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jdb-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jdeps-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jhat-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jinfo-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jmap-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jps-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jrunscript-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jsadebugd-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jstack-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jstat-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/jstatd-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/native2ascii-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/rmic-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/schemagen-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/serialver-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/wsgen-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/wsimport-%{sdklnk}.1%{?ext_man} +%{_mandir}/man1/xjc-%{sdklnk}.1%{?ext_man} + +%if %{with_systemtap} +%{tapsetroot} +%endif + +%files demo -f %{name}-demo.files + +%files src +%{_jvmdir}/%{sdkdir}/src.zip + +%files javadoc +%dir %{_javadocdir} +%dir %{_javadocdir}/%{sdklnk} +%{_javadocdir}/%{sdklnk}/* + +%files accessibility +%dir %{_jvmdir}/%{jredir}/lib/ext +%config(noreplace) %{_jvmdir}/%{jredir}/lib/accessibility.properties +%ghost %{_jvmdir}/%{jredir}/lib/%{archinstall}/libatk-wrapper.so +%ghost %{_jvmdir}/%{jredir}/lib/ext/java-atk-wrapper.jar + +%changelog diff --git a/java-atk-wrapper-security.patch b/java-atk-wrapper-security.patch new file mode 100644 index 0000000..c3e4226 --- /dev/null +++ b/java-atk-wrapper-security.patch @@ -0,0 +1,24 @@ +--- openjdk/jdk/src/share/lib/security/java.security-linux 2014-07-15 23:08:27.000000000 +0200 ++++ openjdk/jdk/src/share/lib/security/java.security-linux 2014-07-18 09:04:45.127566697 +0200 +@@ -227,7 +227,9 @@ + com.sun.activation.registries.,\ + jdk.jfr.events.,\ + jdk.jfr.internal.,\ +- jdk.management.jfr.internal. ++ jdk.management.jfr.internal.,\ ++ org.GNOME.Accessibility.,\ ++ org.GNOME.Bonobo. + + # + # List of comma-separated packages that start with or equal this string +@@ -280,7 +282,9 @@ + com.sun.activation.registries.,\ + jdk.jfr.events.,\ + jdk.jfr.internal.,\ +- jdk.management.jfr.internal. ++ jdk.management.jfr.internal.,\ ++ org.GNOME.Accessibility.,\ ++ org.GNOME.Bonobo. + + # + # Determines whether this properties file can be appended to diff --git a/make-jobserver-detection.patch b/make-jobserver-detection.patch new file mode 100644 index 0000000..9e7e0bd --- /dev/null +++ b/make-jobserver-detection.patch @@ -0,0 +1,13 @@ +Index: openjdk/make/MakeHelpers.gmk +=================================================================== +--- openjdk/make/MakeHelpers.gmk.orig ++++ openjdk/make/MakeHelpers.gmk +@@ -145,7 +145,7 @@ endef + + # Hook to be called as the very first thing when running a normal build + define AtMakeStart +- $(if $(findstring --jobserver,$(MAKEFLAGS)),$(error make -j is not supported, use make JOBS=n)) ++ $(if $(findstring jobserver,$(.FEATURES)),,$(error make -j is not supported, use make JOBS=n)) + $(call CheckEnvironment) + @$(PRINTF) $(LOG_INFO) "Running make as '$(MAKE) $(MFLAGS) $(MAKE_ARGS)'\n" + @$(PRINTF) "Building $(PRODUCT_NAME) for target '$(call GetRealTarget)' in configuration '$(CONF_NAME)'\n\n" diff --git a/nss.fips.cfg.in b/nss.fips.cfg.in new file mode 100644 index 0000000..fc7e4e7 --- /dev/null +++ b/nss.fips.cfg.in @@ -0,0 +1,6 @@ +name = NSS-FIPS +nssLibraryDirectory = @NSS_LIBDIR@ +nssSecmodDirectory = @NSS_SECMOD@ +nssDbMode = readOnly +nssModule = fips + diff --git a/openjdk-git.tar.xz b/openjdk-git.tar.xz new file mode 100644 index 0000000..0b50b07 --- /dev/null +++ b/openjdk-git.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1b205735e518f8fd172b2c945f8f28fe7564b378ce5cc1730484a9e325e6d478 +size 59708312 diff --git a/ppc-zero-hotspot.patch b/ppc-zero-hotspot.patch new file mode 100644 index 0000000..992d77c --- /dev/null +++ b/ppc-zero-hotspot.patch @@ -0,0 +1,22 @@ +diff -up openjdk/hotspot/src/os_cpu/linux_zero/vm/globals_linux_zero.hpp.ppc64 openjdk/hotspot/src/os_cpu/linux_zero/vm/globals_linux_zero.hpp +--- openjdk/hotspot/src/os_cpu/linux_zero/vm/globals_linux_zero.hpp.ppc64 2013-02-22 19:02:06.000000000 +0100 ++++ openjdk/hotspot/src/os_cpu/linux_zero/vm/globals_linux_zero.hpp 2013-04-18 16:21:24.897403406 +0200 +@@ -32,11 +32,15 @@ + // + + define_pd_global(bool, DontYieldALot, false); +-define_pd_global(intx, ThreadStackSize, 1536); ++define_pd_global(intx, ThreadStackSize, 1664); + #ifdef _LP64 +-define_pd_global(intx, VMThreadStackSize, 1024); ++#if defined (_LITTLE_ENDIAN) && defined (__powerpc64__) ++define_pd_global(intx, VMThreadStackSize, 1920); + #else +-define_pd_global(intx, VMThreadStackSize, 512); ++define_pd_global(intx, VMThreadStackSize, 1280); ++#endif ++#else ++define_pd_global(intx, VMThreadStackSize, 640); + #endif // _LP64 + define_pd_global(intx, CompilerThreadStackSize, 0); + define_pd_global(uintx, JVMInvokeMethodSlack, 8192); diff --git a/riscv64-zero.patch b/riscv64-zero.patch new file mode 100644 index 0000000..60475c7 --- /dev/null +++ b/riscv64-zero.patch @@ -0,0 +1,86 @@ +Index: openjdk/common/autoconf/build-aux/autoconf-config.sub +=================================================================== +--- openjdk/common/autoconf/build-aux/autoconf-config.sub.orig ++++ openjdk/common/autoconf/build-aux/autoconf-config.sub +@@ -302,6 +302,7 @@ case $basic_machine in + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | pyramid \ ++ | riscv32 | riscv64 \ + | score \ + | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ +@@ -383,6 +384,7 @@ case $basic_machine in + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | pyramid-* \ ++ | riscv32-* | riscv64-* \ + | romp-* | rs6000-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ +Index: openjdk/common/autoconf/platform.m4 +=================================================================== +--- openjdk/common/autoconf/platform.m4.orig ++++ openjdk/common/autoconf/platform.m4 +@@ -96,6 +96,12 @@ AC_DEFUN([PLATFORM_EXTRACT_VARS_FROM_CPU + VAR_CPU_BITS=64 + VAR_CPU_ENDIAN=big + ;; ++ riscv64) ++ VAR_CPU=riscv64 ++ VAR_CPU_ARCH=riscv ++ VAR_CPU_BITS=64 ++ VAR_CPU_ENDIAN=little ++ ;; + *) + AC_MSG_ERROR([unsupported cpu $1]) + ;; +@@ -391,6 +397,7 @@ AC_DEFUN([PLATFORM_SETUP_LEGACY_VARS], + sparc*) ZERO_ARCHDEF=SPARC ;; + x86_64*) ZERO_ARCHDEF=AMD64 ;; + x86) ZERO_ARCHDEF=IA32 ;; ++ riscv*) ZERO_ARCHDEF=RISCV ;; + *) ZERO_ARCHDEF=$(echo "${OPENJDK_TARGET_CPU_LEGACY_LIB}" | tr a-z A-Z) + esac + AC_SUBST(ZERO_ARCHDEF) +Index: openjdk/hotspot/src/os/linux/vm/os_linux.cpp +=================================================================== +--- openjdk/hotspot/src/os/linux/vm/os_linux.cpp.orig ++++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp +@@ -369,7 +369,7 @@ void os::init_system_properties_values() + // 1: ... + // ... + // 7: The default directories, normally /lib and /usr/lib. +-#if defined(AMD64) || defined(_LP64) && (defined(SPARC) || defined(PPC) || defined(S390)) ++#if defined(AMD64) || defined(_LP64) && (defined(SPARC) || defined(PPC) || defined(S390) || defined(RISCV)) + #define DEFAULT_LIBPATH "/usr/lib64:/lib64:/lib:/usr/lib" + #else + #define DEFAULT_LIBPATH "/lib:/usr/lib" +@@ -1960,6 +1960,10 @@ void * os::dll_load(const char *filename + #define EM_AARCH64 183 + #endif + ++ #ifndef EM_RISCV ++ #define EM_RISCV 243 ++ #endif ++ + static const arch_t arch_array[]={ + {EM_386, EM_386, ELFCLASS32, ELFDATA2LSB, (char*)"IA 32"}, + {EM_486, EM_386, ELFCLASS32, ELFDATA2LSB, (char*)"IA 32"}, +@@ -1982,6 +1986,7 @@ void * os::dll_load(const char *filename + {EM_PARISC, EM_PARISC, ELFCLASS32, ELFDATA2MSB, (char*)"PARISC"}, + {EM_68K, EM_68K, ELFCLASS32, ELFDATA2MSB, (char*)"M68k"}, + {EM_AARCH64, EM_AARCH64, ELFCLASS64, ELFDATA2LSB, (char*)"AARCH64"}, ++ {EM_RISCV, EM_RISCV, ELFCLASS64, ELFDATA2LSB, (char*)"RISCV"}, + }; + + #if (defined IA32) +@@ -2014,6 +2019,8 @@ void * os::dll_load(const char *filename + static Elf32_Half running_arch_code=EM_68K; + #elif (defined AARCH64) + static Elf32_Half running_arch_code=EM_AARCH64; ++#elif (defined RISCV) ++ static Elf32_Half running_arch_code=EM_RISCV; + #else + #error Method os::dll_load requires that one of following is defined:\ + IA32, AMD64, IA64, __sparc, __powerpc__, ARM, S390, ALPHA, MIPS, MIPSEL, PARISC, M68K, AARCH64 diff --git a/shenandoah-git.tar.xz b/shenandoah-git.tar.xz new file mode 100644 index 0000000..99f58e7 --- /dev/null +++ b/shenandoah-git.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d807f0abf774f3f437e0e957e54b804a60bbed4b9c92721303539824787fabf0 +size 7293384 diff --git a/tls13extensions.patch b/tls13extensions.patch new file mode 100644 index 0000000..4dc5110 --- /dev/null +++ b/tls13extensions.patch @@ -0,0 +1,20 @@ +--- openjdk/jdk/src/share/classes/sun/security/ssl/SSLExtension.java 2021-05-21 08:10:00.830159018 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLExtension.java 2021-05-21 08:11:40.258772361 +0200 +@@ -198,7 +198,7 @@ + + CH_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert", + SSLHandshake.CLIENT_HELLO, +- ProtocolVersion.PROTOCOLS_12_13, ++ ProtocolVersion.PROTOCOLS_OF_13, + CertSignAlgsExtension.chNetworkProducer, + CertSignAlgsExtension.chOnLoadConsumer, + null, +@@ -319,7 +319,7 @@ + + CH_SUPPORTED_VERSIONS (0x002B, "supported_versions", + SSLHandshake.CLIENT_HELLO, +- ProtocolVersion.PROTOCOLS_TO_13, ++ ProtocolVersion.PROTOCOLS_OF_13, + SupportedVersionsExtension.chNetworkProducer, + SupportedVersionsExtension.chOnLoadConsumer, + null, diff --git a/zero-javadoc-verbose.patch b/zero-javadoc-verbose.patch new file mode 100644 index 0000000..ab71b7f --- /dev/null +++ b/zero-javadoc-verbose.patch @@ -0,0 +1,10 @@ +--- openjdk/make/Javadoc.gmk ++++ openjdk/make/Javadoc.gmk +@@ -260,7 +260,6 @@ $(call CopyrightLine,$(COPYRIGHT_URL),$( + # Common javadoc options used by all + COMMON_JAVADOCFLAGS = \ + -XDignore.symbol.file=true \ +- -quiet \ + -use \ + -keywords \ + -Xdoclint:none \